Five (5) essential steps for securing the 5G Internet of Things (IoT)
Paul Girardi
Experienced business leader growing cybersecurity business PMP | CISSP | CCISO | MBA
5G wireless technology delivers higher capacity and lower latency, offering network connectivity that will accelerate innovation, zettabyte Internet growth, and according to IoT Analytics, 26 billion connected devices by 2022. With this exciting growth, IoT introduces security considerations that consist of:
Device Security -- IoT devices lack necessary security capabilities such as encryption, authentication, and the ability to update and patch vulnerabilities. For example, some IoT devices offer only default “admin” usernames and “1234” passwords.
Many Standards and Protocols -- A variety of standards and protocols govern the operation and communications of the devices, which creates interoperability and visibility challenges. For example, devices may communicate using 4G, Bluetooth, Wi-Fi, ZigBee, or Z-Wave, all of which have varying levels of security capabilities.
Large Attack Surface – 26B disparate devices introduce many points of possible compromise, complex administration, management, and visibility problems.
IoT Exploits
Because of the lack of underlying device security, devices are easily infected with malware and may become zombie devices. Zombie devices can be instructed to perform Distributed Denial of Service (DDoS) attacks, spread viruses, steal data, or be used by spammers to launch email campaigns.
The following are examples of some IoT exploits.
Vehicle Hijacking
Cars today have control systems for cruise control, self-parking, and automatic start that all use the controller area network (CAN) bus, which enables microcontrollers and devices to communicate with one another. These systems control vehicle startup, acceleration, braking, and steering without driver intervention. There are examples of these systems being exploited and remotely controlled. As self-driving cars become an inevitability, the question becomes: how do we prevent cars from being hacked?
Power Grid Control
In 2018, the Department of Homeland Defense released an announcement that the Russian Government had been conducting cyber activity targeting the energy sector. The Russian government was conducting a multi-stage intrusion campaign. Although there was no damage to our power grid, it was clear that they were doing reconnaissance.
Privacy Leaks
Skilled hackers can cause considerable damage just by identifying an unsecured IoT device that is leaking the internet protocol (IP) address, which can, in turn, be used to pinpoint a residential location.
Five Steps to IoT Security
Given the challenges described, here are five “best practices” for securing IoT.
Network Security and segmentation
Segmentation is a network security technique that logically divides the enterprise into distinct security segments, offering a layered approach and protections between segments. These segments are device, gateway, and back-end applications. Between these segments, security controls should be implemented to provide the ability to collect, detect, and block malicious traffic. Security controls implemented between the network segments consist of an application firewall, intrusion detection, Secure Sockets Layer (SSL) encryption break and inspect, and full packet capture. Policies at the application firewall can provide granular flow security while enabling visibility and monitoring of traffic.
Device Security
Since IoT devices vary in their security capabilities, I would suggest not using devices that use default passwords, do not support remote patching, or do not support encryption. Be sure to use passwords that have an adequate length with varying characters and numbers. Digital certificates would be the best approach for authenticating devices.
Data encryption
Encrypting your data on the device and in transit between devices and your back-end applications using standard AES-256 encryption will maintain data confidentiality. Unfortunately, IoT devices may limit the ability to encrypt data. If security is a concern, only implement devices that can encrypt data. If the business drives the need to deploy less secure devices, you can trade off the risks and apply encryption between gateways and back-end applications.
Vulnerability management
Software vulnerabilities are found at an alarming pace, and keeping software updated can be a challenge. To have a thriving patch management program you need three (3) things: 1) asset and configuration management (know what needs to be patched); 2) tools that can identify and report on vulnerabilities as they are identified (know when to patch); and 3) scanning and tracking (know when you're patched). By performing routine scanning of your enterprise and developing remediation plans for vulnerabilities, you will reduce the risk of exploited systems.
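The three inputs above can be joined into one patch-status report. The following is an added example, not part of the original article; the device names, model names, firmware versions and advisory ids are constructed placeholders, and firmware versions are assumed to be dotted integers.

```python
# Added illustration: join inventory, advisories and scan results.
# All device names, models, versions and advisory ids are constructed.

INVENTORY = {  # 1) asset and configuration management (what we believe we run)
    "cam-01": {"model": "acme-cam", "firmware": "1.2.0"},
    "cam-02": {"model": "acme-cam", "firmware": "1.4.1"},
    "lock-07": {"model": "acme-lock", "firmware": "3.0.0"},
}
ADVISORIES = [  # 2) vulnerability reporting (first fixed firmware per model)
    {"id": "ADV-EXAMPLE-1", "model": "acme-cam", "fixed_in": "1.4.0"},
    {"id": "ADV-EXAMPLE-2", "model": "acme-lock", "fixed_in": "3.0.2"},
]
SCAN = {  # 3) scanning (firmware actually observed on the network)
    "cam-01": "1.4.0",   # patched, but the inventory record is stale
    "cam-02": "1.4.1",
    "lock-07": "3.0.0",
    "tv-99": "0.9",      # on the network, missing from the inventory
}

def ver(text):
    """Parse a dotted version into a tuple so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def patch_status(inventory, advisories, scan):
    """Return {device: (status, [open advisory ids])} for every known device."""
    report = {}
    for device in sorted(set(inventory) | set(scan)):
        if device not in inventory:
            report[device] = ("unmanaged", [])      # cannot be patched if unknown
            continue
        if device not in scan:
            report[device] = ("not-scanned", [])    # patch state unverified
            continue
        observed = ver(scan[device])
        model = inventory[device]["model"]
        open_ids = [a["id"] for a in advisories
                    if a["model"] == model and observed < ver(a["fixed_in"])]
        if open_ids:
            status = "vulnerable"
        elif observed != ver(inventory[device]["firmware"]):
            status = "patched-inventory-stale"
        else:
            status = "patched"
        report[device] = (status, open_ids)
    return report

if __name__ == "__main__":
    for device, (status, ids) in patch_status(INVENTORY, ADVISORIES, SCAN).items():
        print(device, status, ",".join(ids))
```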
Security analytics
You cannot protect what you cannot see. Collect, aggregate, and analyze data from IoT devices, and provide actionable reporting and alerting on specific activities or when activities fall outside established policies. Solutions are emerging that add machine learning, artificial intelligence, and other big data techniques to provide predictive anomaly detection. IoT use cases should be implemented to offer specific IoT analytics.
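Alerting when activity falls outside established policy can start from the device, gateway and back-end segments described under network segmentation. The following is an added example, not part of the original article; the subnets, allowed ports and flow-log format are assumptions, and the log lines are constructed.

```python
# Added illustration: flag flows that fall outside the segment policy.
import ipaddress

SEGMENTS = {  # assumed addressing plan for the three segments
    "device": ipaddress.ip_network("10.10.0.0/24"),
    "gateway": ipaddress.ip_network("10.20.0.0/24"),
    "backend": ipaddress.ip_network("10.30.0.0/24"),
}
POLICY = {  # allowed (source segment, destination segment, destination port)
    ("device", "gateway", 8883),   # MQTT over TLS to the gateway
    ("gateway", "backend", 443),   # HTTPS from gateway to back-end applications
}
FLOWS = """\
2024-01-01T00:00:01Z 10.10.0.5 10.20.0.1 8883
2024-01-01T00:00:02Z 10.20.0.1 10.30.0.9 443
2024-01-01T00:00:03Z 10.10.0.5 10.30.0.9 443
2024-01-01T00:00:04Z 10.10.0.7 203.0.113.10 23
2024-01-01T00:00:05Z 10.10.0.7 10.10.0.5 23
garbage line
"""  # constructed sample: timestamp, source, destination, destination port

def segment_of(addr):
    """Map an IP address to its segment name, or 'external' if none match."""
    ip = ipaddress.ip_address(addr)
    for name, net in SEGMENTS.items():
        if ip in net:
            return name
    return "external"

def violations(log_text):
    """Return (line number, kind, detail) for each flow the policy does not allow."""
    alerts = []
    for n, line in enumerate(log_text.splitlines(), 1):
        try:
            _ts, src, dst, port = line.split()
            key = (segment_of(src), segment_of(dst), int(port))
        except ValueError:
            # Unparseable records are reported rather than silently dropped.
            alerts.append((n, "unparsed", line))
            continue
        if key not in POLICY:
            detail = f"{src} ({key[0]}) -> {dst} ({key[1]}) port {key[2]}"
            alerts.append((n, "policy", detail))
    return alerts

if __name__ == "__main__":
    for alert in violations(FLOWS):
        print(alert)
```

A device reaching the back-end directly, an external address, or another device is reported because none of those pairs is in the allowlist.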
Reference
Knud Lasse Lueth, IoT Analytics, “State of the IoT 2018: Number of IoT devices now at 7B – Market accelerating”, August 2018. https://iot-analytics.com/state-of-the-iot-update-q1-q2-2018-number-of-iot-devices-now-7b/
Adjunct Staff at RAND Corporation
(5 years ago) I think there is an additional one, a lot more energy to support 5G!
Vice President, Strategic Alliances
(5 years ago) Great read! Thanks..
5G / IT Network Executive and Consultant
(5 years ago) Great article Paul Girardi. Looking forward to seeing how AI will enhance our security analytics to secure the network. Products such as AT&T’s Threat Insights will bring this capability to our customers.
Product Manager @ Imagen
(5 years ago) Couldn't agree more. Applies the same to residential and SMB networks also. ISPs need to find a way to offer such tips to those without CTOs/CISOs and the technical knowledge that enterprises already have. Happy to see AT&T being a leader here and having full understanding of the growing cyber-security risks from IoTs. Let's see how things change with 5G... Would be interested in discussing further with you how SAM is doing this.
Managing Director at Abraham Financial Advisors, LLC
(5 years ago) Block chain could be a possible mechanism to enhance IoT security.