IoT device security: problems and recommendations

security

The Broadband Internet Technical Advisory Group (BITAG) has released a report detailing the security issues with IoT devices and a range of recommendations to solve these issues. This article is a summary of BTAG’s security observations and recommendations. 

Problem

Security vulnerabilities: Some IoT devices are shipped with software that is already outdated or becomes outdated over time. Other devices may be sold with more current software, however vulnerabilities will be found in the future. A device tends to become increasingly vulnerable over time unless it has a mechanism to update its software.

Recommendation

IoT devices should use best current software practices: Devices should ship with reasonably current software and they should have a mechanism for automated, secure software updates. They should also use strong authentication (passwords and user names) by default and device configurations should be tested and hardened.

The IoT supply chain should play their part in addressing IoT security and privacy issues: The IoT supply chain should ensure devices have a clear privacy policy, a reset mechanism that clears all configuration (for when a user returns or resells the device), and a bug reporting system. Manufacturers also need to protect the software supply chain to prevent the introduction of malware in the manufacturing process, and report the discovery and remediation of software vulnerabilities that pose a threat to users.

Problem

Insecure communications: Security functions designed for more general purpose computing devices do not necessarily transfer well to IoT devices, which have different use purposes and in turn, vulnerabilities. Examples of insecure communications on IoT devices include unauthenticated communications, unencrypted communications, lack of mutual authentication and authorisation and lack of network isolation.

Recommendation

IoT devices should be restrictive rather than permissive in communicating: When possible, devices should not be reachable through inbound connections by a default. Devices also should not rely on the network firewall alone to restrict communication.

Problem

Data leaks: IoT devices can expose private user data, both from the cloud and between IoT devices themselves.

Recommendation

See insecure communications and security vulnerabilities recommendations.

Problem

Susceptibility to malware and other viruses: Viruses can disrupt IoT device operations, gain unauthorised access or launch attacks.

Recommendation

See security vulnerabilities recommendation.

Problem

Potential for service disruption: Loss of availability or connectivity not only diminishes the functionality of IoT devices, but it can also affect security if the device can no longer function without this connectivity (eg. an alarm system deactivating when connectivity is lost).

Recommendation

IoT devices should continue to function if internet connectivity is disrupted: An IoT device should be able to perform its primary functions without the internet, as internet connectivity could be disrupted for a range of reasons including accidental misconfiguration or intentional attack. IoT devices should also continue to function if the cloud back-end fails.

Problem

Potential for security and privacy issues to persist: Security and privacy issues could persist as many devices will never receive a software update, either because the manufacturer does not supply updates or because users do not download available updates.

Recommendation

See security vulnerabilities recommendation.