SBN

IoT Security Fundamentals: Intercepting and Manipulating Wireless Communications

Introduction: IoT Manufacturers Favor Convenience over Security

Because IoT security is still an afterthought, cybercriminals in general consider smart devices a “low-hanging fruit” – a target easy to compromise and manipulate.

Security (and privacy) by design is key for IoT, and probably the only effective way for a smart gadget to protect its communications is to encrypt them. Unfortunately, it is still not easy to reconcile convenience with security when it comes to low-resource apparatuses. For that reason alone, many IoT products come with either ineffective features that encrypt communications and stored data or none at all.

According to a 2020 report by a threat intelligence team called Unit 42, 98% of the 1.2 million IoT devices on corporate networks they analyzed had no capability to encrypt traffic. As a result, 57% of these IoT devices were susceptible to traffic interception and manipulation, among other things. The same report further showed that mixing IoT and IT assets on VLAN may be dangerous, as compromised employee IoT devices could spread malware onto corporate networks.

Aamir Lakhani, cybersecurity researcher and practitioner at FortiGuard Labs, explains the whole production conundrum surrounding smart things before Dark Reading:

“Designing a device that is easy to set up and also secure is difficult because manufacturers need to contend with a large variety of home networks, routers, access points, and other devices. Therefore, manufacturers make their devices accessible for ‘the least common denominator,’ which usually means using security protocols that are not always the most secure for every environment.”

Threats to IoT that Lurk in Unprotected Wi-Fi Networks

Harvesting public Wi-Fi traffic is more popular than ever, and unsecured IoT devices certainly contribute to the fact that this method is relatively easy to apply. Every attacker can perform the following on public networks with:

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Dimitar Kostadinov. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/l1ThUcLrqJ8/