18. IoT Hacking

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Steps Pen Testing IoT devices

1. discover IoT devices 2. hardware analysis 3. firmware and OS analysis 4. wireless protocol analysis 5. mobile application testing 6. web application testing 7. cloud services testing 8. document all the findings

OWASP Top 10 IoT Vulnerabilities

1. insecure Web interface 2. Insufficient authentication/ authorization 3. insecure network services 4. lack of transport encryption/ integrity verification 5. privacy concerns 6. insecure cloud interface 7. insecure mobile interface 8. insufficient security configuribility 9. insecure software/ firmware 10. poor physical security

IoT Architecture

Application Layer Middleware Layer Internet Layer Access Gateway Layer Edge Technology Layer

Exploit Kits

Attacker uses malicious script to exploit poorly patched vulnerabilities in an IoT device

Side Channel Attack

Attackers extract info about encryption keys by observing the emission of signal

Forged Malicious Devices

Attackers replace authentic IoT devices with malicious devices, if they have physical access to the network.

Sybil Attack

Attackers uses multiple forged identities to create a strong illusion of traffic congestion, effecting communication between neighboring nodes and networks

Short-range Wireless Communication

Bluetooth low energy Light-fidelity LiFi Near Field Communication QR Codes and Barcodes Radio Frequency Identification Thread Wifi Wifi Direct z-wave ZigBee

IoT Pen Testing

Close unused ports and unnecessary /unknown open ports Disable unnecessary service Provide protection against unauthorized access and usage of the device Design a mechanism for uninterrupted flow of info between two endpoints Provide protection against elevation of privileges Enhanced the device's data encryption policy Enhance the security of web application and provide data privacy Harden the overall device's security

IoT Threats

DDoS attacks Attack on HVAC systems Rolling code attack BlueBorn attack Jamming attack Remote access using backdoor Remote access using Telnet Sybil attack Exploit kits MITM Replay attack Forged malicious device Side channel attack Ransomware

IoT Attack Surface Areas

Device memory Ecosystem access control Device physical interfaces Device web interface Device firmware Device network services Administrative interface Local data storage Cloud web interface Update mechanism Third party backend APIs Mobile application Vendor backend APIs Ecosystem communication Network traffic

IoT Communication Models

Device-to-Device Model Device-to-Cloud Model Device-to-Gateway Model Back-End Data-Sharing Model

IoT Framework Security Considerations

Edge communications encryption storage encryption update components no default passwords Gateway multi-directional encrypted communications strong authentication of all the components automatics updates Cloud Platform encrypted communications secure web interface authentication encryption storage automatic updates Mobile local storage security encrypted communications channels multi-factor authentication account lockout mechanism

Wired Communication

Ethernet Multimedia over Coax Alliance MoCA Power-line Communication PLC

Medium-range Wireless Communication

Ha-low LTE advanced

IoT Hacking Methodology

Information gathering Vulnerability scanning Launch attacks Gain Access Maintain access

Challenges of IoT

Lack of security and privacy Vulnerable web interfaces Legal regulatory and rights issues Default, weak, and hardcoded credentials Clear text protocol and unnecessary open ports Coding errors Storage issues Difficult to update firmware and OS Interoperability standard issues Physical theft and tampering Lack of vendor support for fixing vulnerabilities Emerging economy and development issues

Long-range Wireless communication

Low-power Wide-area Networking LPWAN -loRa WAN -Sigfox -Neul Very small aperture terminal VSAT Cellular

Exploit HVAC

Many organizations use internet connected heating, ventilation, and air conditioning systems without implementing security mechanisms, giving attackers a gateway to hack corporate systems HVAC systems have many security vulnerabilities that are exploited by attackers to steal login credentials, gain access to HVAC system and perform further attack on the organization's network

BlueBorne Attack

Performed on Bluetooth connections to gain access and take full control of the target device It is a collection of various techniques based on the known vulnerabilities of Bluetooth protocol BlueBorne is compatible with all software versions and does not require any user interaction or precondition or configuration except that the Bluetooth being active After gaining access to one device, an attacker can penetrate into any corporate network using that device to steal critical information about the organization and spread malware to the nearby devices

IoT Operating Systems

RIOT OS ARM mbed OS RealSense OS X Nucleus RTOS Brillo Contiki Zephyr Ubuntu Core Integrity RTOS Apache Mynewt

IoT Internet of Things

Refers to the network of devices with an IP address that have the capability of sensing, collecting and sending data using embedded sensors, communication hardware and processors

Components of IoT

Sensing technology IoT Gateways Cloud Server/ Data Storage Remote Control using Mobile App

Jamming Attack

Type of attack in which the communication between wireless IoT devices are jammed in order to compromise it An attacker transmits radio signal randomly with a frequency as the sensor nodes are sending signals for communication As a result the network gets jammed making endpoints unable to send or receive any message

Rolling Code Attack

Use locking smart system that includes RF signal transmitted in the form of a code from a modern key fob that locks or unlocks the vihicle This code which locks or unlocks a car or a garage is called as Rolling Code or Hopping code Attacker using jammer to thwart the transmission of a code from the key fob to the receiver in the vehicle After obtaining the code, an attacker can use t o unlock can use it to unlock and steal the vehicle


Kaugnay na mga set ng pag-aaral

Chapter 8 Motivation and reward system management

View Set

Paper 3: History of the Americas: Civil War; causes, course, and effects (1840-1877)

View Set

Astronomy Ch. 21 TEST: Stellar Explosions

View Set

Chapter 26 Special Theory of Relativity

View Set

Pathology of Stroke (Cerebrovascular Disease)

View Set