LoRaWAN networks are frequently insecure, according to new research, opening them up to attackers. Once compromised, a LoRaWAN network could be fed faked data, which could have serious consequences for the often-industrial applications of the technology.
Cesar Cerrudo, CTO at IOActive told SC Media UK that the repercussions of a successful compromise could be huge: “Larger LoRaWAN deployments are starting to go live throughout Europe, but not all implementations are secure. Indeed, in our testing we found many common issues that could be exploited by attackers. In just one use case - smart metering - there are more than 100,000 devices currently live in Europe, presenting quite a significant attack surface.”
In addition, some industrial deployments of LoRaWAN use the network to monitor IoT sensors over significant distances, such as in refineries and oil and gas pipelines. In a worst-case scenario, an attacker could potentially spoof incorrect pressure readings to trick operators into increasing - or decreasing - pressure to dangerous levels. Other attacks could include data poisoning of ML or AI defences and monitoring systems relying on the sensor data.
The IOActive researchers found that while the LoRaWAN protocol itself is relatively secure (and the latest version even more so), errors in configuration and deployment often leave the root certificate keys poorly protected. Most source code includes hardcoded AppKeys (OTAA devices) and AppSKeys/NwkSKeys (ABP devices), which are meant to be replaced before deploying the device. Unfortunately, these keys are not always replaced, and devices are deployed with these hardcoded keys, which are easily compromised.
Other keys are easy-to-guess, said the researchers, because manufacturers use set conventions, such as AppKey = DevEUI + AppEUI or AppKey = AppEUI + DevEUI, while others use the same AppEUI and AppKey or the same AppEUI for all devices (DevEUI and AppEUI are values transmitted in cleartext in LoRaWAN messages).
Cerrudo continued: “Key management in LoRaWAN is currently a mess, and there are no audit tools available either, so testing for poor implementations or weak keys has not been possible, leaving enterprises in the dark. Until we released a LoRaWAN Auditing Framework there was no way to easily test LoRaWAN deployments, and compared to the advanced intrusion detection capabilities that enterprises are used to on other networks, this really is a blind spot.”
Another issue highlighted by the researchers is that earlier devices running older versions of LoRaWAN are already out of band, so vulnerable to any patched vulnerabilities. “It is usually not possible to migrate LoRaWAN 1.0.3 devices to version 1.1 due to hardware limitations. This implies that 1.0.3 devices will not receive any substantial security updates, making additional solutions necessary to secure the LoRaWAN implementation,” noted the researchers.
Cerrudo said: “The question of security updates is a big issue for IoT networks, especially when considering remote or inaccessible devices with power constraints. Another issue with these earlier devices is that while our recommendation for ensuring security in sensitive deployments, such as smart metering, is to use an SE on the devices and a Hardware Security Module (HSM) on the infrastructure, very few devices have adopted this to date.”
Perhaps inevitably, given these issues and the pilot nature of many LoRaWAN deployments to date, the researchers found ‘numerous’ Internet-facing servers via Shodan14 that were using default credentials, such as admin/admin, or weak credentials that are easy to guess, which would allow an attacker to log in and harvest keys for the network.
The full IOActive report, “LoRaWAN networks susceptible to hacking: common cyber security problems, how to detect and prevent them” is available here.