Like coffee makers that automatically have a “cup of joe” ready when you wake up, thermostats that adjust automatically to your preference, or doorbells that can answer from afar, we love it when the internet makes our daily lives better.
With the conveniences that the Internet of Things (IoT) adds to our everyday lives, it's hard to imagine what life was like before you could check your email or stream live video to your smart TV. You can read the morning news on the Wi-Fi connected touch screen of your Samsung “smart fridge” as you sip your morning coffee and review your shopping list, which is displayed on the same touch screen. Switch lights on and off throughout your home with your phone or a voice command. Have Alexa turn on the air conditioning via a wireless thermostat like the Nest or Honeywell.
With great convenience comes a larger digital footprint that an attacker could potentially use to gain access to your most secret data. When technology is added to items that never had it before, users and the companies that design them run into security challenges that no one had considered before.
There are a lot of fun things you can do with IoT devices and appliances. Simulate a ‘ghost’ by switching the lights on and off in a pattern. Turn the heater on during winter and the air conditioning on over the summer. Has the food inside the fridge gone bad because the temperature was changed by a few levels? These are just a few scenarios where the IoT can affect your everyday life in both positive and negative ways. Interestingly, these IoT devices must all be connected to the wireless router in your house to communicate with the IoT hub and all other IoT devices.
Since IoT devices typically run on some form of Linux or Android operating system, they too have vulnerabilities that are researched and discovered. Looking at the various devices that are part of our lab environment, we found the following vulnerabilities:
- Ingress/Egress and DMZ router
  o Cisco 105+
  o Cisco Cable Modem with Digital Voice Remote Code Execution
  o List of additional Cisco vulnerabilities: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-cmre
- User Network
  o Linksys Wireless G
  o 64 vulnerabilities exist on this platform
  o List of additional Linksys vulnerabilities: https://www.cvedetails.com/vulnerability-list/vendor_id-833/Linksys.html
- Alarm System
  o NETGEAR Wireless-N 150 Router WNR1000 v2
  o List of 59 NetGear vulnerabilities, some apply: http://www.cvedetails.com/vulnerability-list/vendor_id-834/Netgear.html
  o Unlocking the Telnet Function: https://wiki.openwrt.org/toh/netgear/telnet.console
- Wireless Hub
  o Wink, Inc Model: Wink Hub
  o Attacks through simple HTTPS requests: http://www.networkworld.com/article/2952718/microsoft-subnet/security-holes-in-the-3-most-popular-smart-home-hubs-and-honeywell-tuxedo-touch.html
The upside is that we are able to do things we never imagined. But as with every good thing, there's a downside. As we review these vulnerabilities, you may find several points where the perimeter of your network could be penetrated by cyber-criminals to gain access to the wireless hub that controls the Internet of Things in your home. The average length of time that an attacker remains on a network is about 229 days – and that is on a network that is continuously being monitored. When was the last time you actually went through your home wireless router logs looking for unusual behaviour?
This sort of attack seems like an awful lot of work. In reality, it's not, but for the sake of this scenario, let's just say that it is. Hackers could take an easier route through social engineering, or simply by getting a family member to open an email or click on a link, which leads to a compromised workstation and bypasses all of your implemented firewalls, IP filters, and antivirus programs. Once hackers have access to a workstation, they can begin to map out the digital devices and routers throughout the house.
This may take time, as devices are taken in and out of the house. The ideal hacking scenario for an attacker would be an unattended workstation that is turned on 24/7 and gets predictable usage.
If you must, go ahead and leave your computers on 24/7, but at least turn off Bluetooth and Wi-Fi when you're not at your workstation. Make sure you use unique but memorable passwords (phrases often work well). Rotate all passwords regularly, and keep your devices updated with the latest patches and upgrades for better functionality and security. Anytime you update one of your devices, double-check the settings to make sure that security features such as an enabled firewall or IDS have not been turned off as part of the new install. Always disable HTTP/HTTPS management of the device from outside sources, namely any IP address outside of your house. These security measures should not be overlooked, and staying up to date with the latest vulnerabilities is necessary to ensure basic security is maintained on the IoT devices in your household.
And not just your household - the same applies to your employees. Teaching staff how to defend their home network will help instill a security awareness at the workplace - as well as making them and your organisation less susceptible to cross infection from infiltration on their personal devices used for work purposes.
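As an added example (not part of the original article), the sketch below applies two points made above, reviewing router logs for unusual behaviour and keeping HTTP/HTTPS and Telnet management closed to addresses outside the house, to a handful of constructed log lines. The log format, the LAN range and the router's LAN and WAN addresses are assumptions; real firmware logs differ and the pattern must be adapted.

```python
import ipaddress
import re

# Constructed sample lines in a hypothetical router log format;
# all addresses are from private or documentation ranges.
SAMPLE_LOG = """\
2024-03-01 07:12:44 ACCEPT src=192.168.1.23 dst=192.168.1.1 dport=443 proto=TCP
2024-03-01 07:15:02 ACCEPT src=203.0.113.45 dst=198.51.100.20 dport=443 proto=TCP
2024-03-01 07:15:09 ACCEPT src=203.0.113.45 dst=198.51.100.20 dport=23 proto=TCP
2024-03-01 08:01:30 DROP src=203.0.113.99 dst=198.51.100.20 dport=80 proto=TCP
2024-03-01 08:05:11 ACCEPT src=192.168.1.50 dst=203.0.113.80 dport=443 proto=TCP
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) (?P<action>ACCEPT|DROP) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+) dport=(?P<dport>\d+)"
)
MGMT_PORTS = {23: "telnet", 80: "http", 443: "https", 8080: "http-alt"}


def external_mgmt_hits(log_text, lan="192.168.1.0/24",
                       router_addrs=("192.168.1.1", "198.51.100.20")):
    """Return (timestamp, source, service, status) for every connection to
    the router's management ports that came from outside the home LAN."""
    lan_net = ipaddress.ip_network(lan)
    routers = {ipaddress.ip_address(a) for a in router_addrs}
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # line is in some other format; ignore it
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # malformed address field
        port = int(m["dport"])
        if dst not in routers or port not in MGMT_PORTS or src in lan_net:
            continue  # not management traffic, or it came from inside
        # ACCEPT means remote management is reachable from outside.
        status = "exposed" if m["action"] == "ACCEPT" else "blocked"
        hits.append((m["ts"], str(src), MGMT_PORTS[port], status))
    return hits


if __name__ == "__main__":
    for hit in external_mgmt_hits(SAMPLE_LOG):
        print(*hit)
```

Any "exposed" result means the management interface answered an address outside the house and remote administration should be switched off; "blocked" results are probes the firewall already refused.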
Contributed by Stephen Coty, chief security evangelist, Alert Logic