Pentester’s Guide to IoT Penetration Testing

IoT penetration testing specifics from a certified ethical hacker with 5+ years of experience.

With the growing risk to IoT security, penetration testing vendors receive many requests from companies and individuals who want their IoT environment tested against potential cyber-attacks. Usually, security service providers don’t have specialists in IoT penetration testing, so the testing must be performed by a regular security team. What are the specifics of IoT penetration testing? Let’s dig deeper into the topic.

Security engineers who are new to IoT penetration testing may wrongly consider this domain less challenging, because the IoT environment doesn’t have the most common vulnerability: human error (according to CompTIA, this is the major cause of 52% of security breaches). Most Internet attacks involve a user clicking a malicious link or opening an infected email. In an IoT environment, there is no one to lure, so it would seem harder to break into. This supposition is deceptive. Here’s what CSO says about IoT breaches in 2017: “Aruba Networks, Hewlett Packard Enterprise wireless networking subsidiary, has revealed that 84 percent of companies have already experienced some sort of IoT breach in a new study involving over 3,000 companies across 20 countries”. Intruders have more opportunities to breach an IoT system, as its architecture comprises a number of elements, each of which is a potential target for hackers.

Typically, an IoT architecture consists of the following components:

  • Things: Smart devices equipped with sensors and actuators.
  • IoT field gateways: Border elements that provide connectivity between things and the cloud part of an IoT solution.
  • Cloud gateways: Components facilitating data compression and transmission between the gateways and cloud servers.
  • Streaming data processor: An element ensuring a smooth transition of input data to a big data warehouse and control applications.
  • Data storage: Consists of a data lake (stores unprocessed data (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Uladzislau Murashka.