4 ways to minimize IoT cybersecurity risk
Few technology trends are growing as quickly as the internet of things. According to Bain & Company, the markets for IoT hardware, software, systems integration, data and telecom services will grow to $520 billion in 2021, more than double the figure of 2017. The IoT ecosystem has exploded already, thanks to the rapid proliferation of voice assistants, connected appliances (such as smart thermostats and security cameras) and even smart infrastructure. Today, connected devices are integrated into critical systems running air traffic control, energy grids and environmental management.
But the rise of IoT has also been accompanied a spike in cyber attacks, with hackers and other malicious parties seeking to exploit vulnerabilities in devices manufactured with poor security practices. The government is clearly worried: During a Senate hearing last year, the director of the Defense Intelligence Agency stated that insecure IoT devices are one of the “most important emerging cyberthreats” to U.S. national security. In an attempt to address the problem for the federal government, Sen. Mark Warner (D-Va.) introduced the Internet of Things Cybersecurity Improvement Act, a bill aimed at establishing security standards for manufacturers developing connected devices for federal institutions.
The bill, however, has yet to pass. Until it does, federal IT managers must go beyond knowing the basic capabilities of the IoT app or platform they’re looking to deploy. They must also have a deeper understanding of the solution to ensure their agencies aren't exposed to unnecessary risk. Below are four key ways to minimize cyber risk.
1. Reduce the attack surface
The smaller the attack surface, the more limited the risk. While some devices need to broadcast a Wi-Fi network and run an http server (for accepting credentials to the network), this is not required after the device is configured. IT managers can disable these features so that users do not inadvertently expose themselves to nefarious purposes when using the IoT device.
After the initial configuration step is complete, developers can set up any accompanying mobile app to never communicate directly with the device again. All communications can be limited to a single channel that is negotiated between the device and the remote server. This eliminates the need to support multiple communication paths on the device, and all security efforts can be focused on the single existing channel.
Risk can also be reduced by limiting the total amount of information stored on the device, minimizing any data obtained should the device fall victim to an attack. The application can be built so that no user data whatsoever is stored locally except for Wi-Fi credentials so the device can automatically reconnect to Wi-Fi after being rebooted. A token will allow the device to send data to the remote server and the local Wi-Fi credentials. Of course, this data must all be encrypted.
2. No plain text
This point cannot be overstated. Do not store sensitive information in plain text anywhere, ever. Devices can be allowed to receive user information from a mobile app during configuration. The device then forwards that data to the remote server and does not retain a local copy. This ensures that the device, when it is registered with the remote server, is coming from a valid user. However, all data must be encrypted before it is sent to the device and decrypted only after it has been passed to the remote server.
This also applies to communications between devices. When possible, always communicate over secure channels: WSS or HTTPS for web traffic and MQTT over TLS rather than simple TCP. Depending on hardware design restrictions, it can be difficult to implement secured communication protocols. In this case, good secure design is just as important as secure implementation. Insecure channels are not inherently bad -- and can be a positive from a cost perspective -- as long as the data being sent is not sensitive.
3. Test for potential vulnerabilities
One more way to avoid vulnerabilities is to test the system as frequently as possible. Bugs that can be exploited are often found long after a product is purchased. As more devices are integrated into an agency, the possibilities for weak points also increase. When code is altered or changed, such as when a user inputs feedback, tests can be run to prevent a possible security risk from forming. This is particularly important in systems with a large number of users. But of course, developers obviously cannot reasonably expect to foresee all potential vulnerabilities, which is why updates are equally critical.
4. Allow for updates
Finally, it’s important to address and mitigate any possibility for cyber attacks preemptively. Over-the-air updates can help to address any bugs or vulnerabilities once a product has been implemented -- even approving or applying updates automatically. Despite all efforts to minimize cyber risks, no system is perfect, and even the most intricately planned security practice can have flaws. The reality is that as the more connected devices rapidly go to market, the higher the chances are that these products could contain potential cyber vulnerabilities.
While the Internet of Things Cybersecurity Improvement Act intends to limit cyber risks, federal IT departments must always carefully evaluate their IoT devices to protect sensitive and mission-critical information.
Ben Wald is co-founder and VP of solutions implementation at Very.