IoT and Security in the Supply Chain: Making Smart Choices
There's a lot of confusion about the Internet of Things and security in enterprise environments. In reality, IoT is not just one thing, and the type of IoT solution as well as the environment in which it is used should dictate security requirements.
To make informed security decisions regarding an IoT solution for your organization, think in terms of a “threat model”—a profile that combines your security concerns, the likely attack scenarios, and corresponding safeguards.
What Can Happen?
Some of the most common threat models for IoT solutions include the following repercussions:
- Physical harm. If your IoT system controls physical equipment, i.e. an industrial automation system, an attack could damage your equipment or facility.
- Data corruption. An attacker could send false data (or block data from being sent), causing you to make wrong decisions.
- Espionage. An attacker could “snoop” on sensitive data.
For each potential attack scenario, it’s useful to ask, “What are the consequences?” to determine the severity of the attack and prioritize concerns. For example, the threat of losing IoT data for one hour due to jamming is probably less serious than the risk of ongoing data loss.
In addition, consider what reasons an attacker might have to pursue the attack goals you’ve outlined. A scenario with a clear benefit to the attacker is often a bigger concern than one without any clear motivation.
How Would It Happen?
Once you’ve considered what could happen, next ask, “How likely and through which means is it to occur?” Examine potential attack pathways and the security weaknesses that might enable them. IoT vulnerabilities might include configuration errors, misuse of access privileges, or network communication weaknesses.
For instance, consider whether an attacker needs physical access to the device, and if so, how resistant the device is. A device outside a building in a remote area may be more of a risk than a device inside a locked container. Also consider the device itself—what skillset, tools, and length of time are required to tamper with it, and would the ends justify the means?
When determining the threat model for your environment, consider the potential avenue of attack presented by your IoT device’s communications protocol. Most IoT devices use a wireless communication system, such as:
- Bluetooth. Bluetooth supports a number of security mechanisms for different protocol versions. While the simplest security setting offers little protection from nearby eavesdroppers, other settings offer authentication and encryption mechanisms that improve security, often at the cost of ease of deployment and maintenance.
- Wi-Fi. Security for Wi-Fi-connected IoT devices can be complicated. While the original protocol is not well-suited for mobile IoT devices, mechanisms are being introduced to improve security. However, these improvements often have negative repercussions on operational costs, ease of setup, and compatibility.
- Cellular. IoT devices that use cellular networks come with a fair amount of built-in security, as outlined in a recent paper from the cellular standards group GSMA. Security researchers have demonstrated ways to intercept a cell signal with specialized equipment, but these attacks generally require the attacker to be in close proximity to the targeted device.
After identifying the potential attack scenarios, consider the IoT solution’s existing countermeasures. For instance, IoT devices can be designed to alert you when tampering occurs, user accounts can be restricted to limit misuse, and the system as a whole can be architected to maintain security even if a specific sensor has been compromised.
Making the Final Call
IoT is creating amazing opportunities for organizations to process data and automate environmental interactions in new ways. As with all advances, IoT comes with risk. Organizations that are clear-eyed about evaluating these risks will find and deploy IoT solutions to derive enormous supply chain value while managing security risks.