Cesare Garlati, chief security strategist at the prpl Foundation, an organisation working to make the IoT safer, explains how startups can get IoT security right to avoid being subjected to harm.
The Internet of Things (IoT) is exciting new territory for many startups and innovative companies looking to push boundaries and connect even the smallest devices to attempt to simplify and enhance our lives. But the security of these devices is fundamentally flawed for a number of reasons.
While there is a whole world of consumer electronics being built with some element of connectivity built-in, the developers making them come from backgrounds that don’t include an adequate understanding of network protocols and even less in network security. They may know how to put together hardware components, but implementing TCP/IP protocols is a rarefied discipline which requires expert knowledge and extensive debugging and testing. Weak implementation of network protocols can spell disaster, especially when looking at the most popular wireless standards in IoT like ZigBee that operate in frequency bands that are easily accessible to everyone and ripe for exploitation.
The attitude to securing these devices has typically been lackadaisical and more focused on the data that can be stolen from these devices. Therefore, security efforts have been minimal and devices are shipped with default passwords which can easily be found out by hackers and used to do their nefarious bidding. We’ve seen an example of this kind of IoT takeover with the Mirai IoT malware, where botnet criminals were able to use insecure security cameras and target core internet infrastructure company Dyn with a massive DDoS attack that took down popular internet services including Twitter, Spotify, Netflix and PayPal.
Waking up to the dangers
What the industry needs to wake up to is that it’s not about the data that can be stolen from a refrigerator or a light bulb – it’s about how these can be hijacked in volume and directed at one target. Using the example of a light bulb, while it may not seem like a big deal if a single light bulb is breached in the home – what if a hacker could control every single one of those light bulbs in a specific geographic region and create a power surge which could cause a rolling blackout? Or if a nation state actor could hijack a mass of drones in an area and direct them at a target?
From causing extreme internet service outages to becoming deadly weapons with catastrophic outcomes, the consequence of IoT security not being taken seriously is a very real and tangible problem. That is why it is now time to start taking measures to secure these devices at the most basic level: the hardware.
Getting it right
In order to overcome the biggest IoT security challenges and engineer security into connected and embedded devices from the ground up, it’s useful for developers and manufacturers to consider the following principles:
Open source – put an end to proprietary security by obscurity and instead choose a 100% “Darwinist” focus on quality, usability and robustness. Code is becoming increasingly complex, so let’s get as many eyes on it as possible. Open standards could overcome the dearth of connectivity expertise in the industry.
Interoperable – vendor-led initiatives can be incredibly time-consuming and costly, yet the results are usually non-portable across homogeneous platforms. But if vendors can come together on a common platform, architecture, APIs and standards, they can benefit from a universal and more secure open source approach, leaving them to compete on value-add services rather than basics such as security.
Secure boot – ensure IoT systems will only boot up if the first piece of software to execute is cryptographically signed by a trusted entity. That signature must verify against a public key or certificate which is hard-coded into the device, anchoring the “Root of Trust” into the hardware to make it tamper proof.
Hardware-assisted virtualisation – this will containerise each software element, keeping critical components safe, secure and isolated from the rest and preventing lateral movement. Secure inter-process communication will allow instructions to travel across this secure separation in a strictly controlled mode. This approach improves on current binary approaches where applications are either trusted or untrusted at a processor level, allowing for as many independent, secure guests as possible.
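The secure boot principle in the list above can be sketched as follows. This is an added example, not code from the article or the prpl Foundation: it hand-implements RSA PKCS#1 v1.5 verification with SHA-256 using only the Python standard library, and the demo key, `ROM_PUBLIC_KEY`, `vendor_sign` and `boot_rom_verify` are hypothetical names and constructed sample data.

```python
import hashlib
import hmac

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# Constructed demo key: N is the product of two well-known Mersenne primes,
# so its factors are public. Sample data only, never a real signing key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
K = (N.bit_length() + 7) // 8           # modulus length in bytes

# Vendor side: the private exponent stays in the signing facility.
D = pow(E, -1, (P - 1) * (Q - 1))

# Device side: public key fixed at manufacture (assumed to live in ROM or fuses).
ROM_PUBLIC_KEY = (N, E)

def encode_digest(image: bytes) -> bytes:
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo || SHA-256(image)."""
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def vendor_sign(image: bytes) -> bytes:
    """Sign the first-stage image (run by the vendor, not by the device)."""
    m = int.from_bytes(encode_digest(image), "big")
    return pow(m, D, N).to_bytes(K, "big")

def boot_rom_verify(image: bytes, signature: bytes) -> bool:
    """Return True only if the image may be executed."""
    n, e = ROM_PUBLIC_KEY
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(K, "big")
    # Rebuild the expected block and compare all of it in constant time,
    # rather than parsing the padding out of the recovered value.
    return hmac.compare_digest(recovered, encode_digest(image))

IMAGE = b"first-stage bootloader v1 (constructed sample)"
SIGNATURE = vendor_sign(IMAGE)

if __name__ == "__main__":
    print("genuine image :", boot_rom_verify(IMAGE, SIGNATURE))
    print("patched image :", boot_rom_verify(IMAGE + b"\x90", SIGNATURE))
```

Only the public half of the key is on the device, so reading it out of the hardware does not let anyone sign a replacement image.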
There is no reason that IoT can’t be the exciting world of possibilities and innovation that it has the potential to achieve. Equally, it has catastrophic potential, so to limit the damage IoT can cause, developers need to take responsibility from the very beginning to make sure they are shipping safe and secure products.
It won’t happen overnight, but if we can change the mindset from “it works, now let’s try to secure it” to “it isn’t secure and therefore it doesn’t work” then the industry as a whole will flourish without subjecting users to harm.