In this article, we will consider the vulnerabilities of IoT systems and 3 attack scenarios on devices of this type.
But first, it's worth understanding the terms: what is IoT? What can happen with an attack on IoT devices? Why is cybersecurity so important now?
Internet of things (eng. Internet of things, IoT) - the concept of a data transmission network between physical objects ("things"), equipped with built-in tools and technologies to interact with each other or with the external environment. © Wikipedia
The Internet of Things can be described as ordinary things connected to the network. IoT systems are combined into huge networks that allow you to manage yourself for convenience (smart homes), to track movements (cameras in the city), to collect data about users (cell towers).
Let's deal with security. Why are IoT devices not protected to the maximum? The point is that it is profitable for both society and business to produce fast devices with wide coverage. Data transmission security is fading into the background due to the decrease in speed and the rise in the cost of more secure devices. We can not blame only "huge corporations that wish us harm." Buyers themselves choose cheaper devices and do not provide minimal protection for their own personal data. Trustlook has published data on the number of customers leaving a preset password on their device, interacting with the network and susceptible to cyber attacks. ( Research ) Remember if you changed the password for your router? If not, maybe you should also think about safety?
Why is avoiding cyberattacks so important? Let me tell you about 5 use cases that have occurred in the last 10 years and caused a stir:
1. Mirai botnet
The incident took place in 2016, when a DDoS attack using IoT devices laid the servers of many large companies, including Twitter, Netflix, Reddit, and several major media outlets, including The Guardian and CNN, due to a DDoS attack.
2. Hacking heart devices St. Jude Medical
In early 2019, CNN confirmed that St. Jude Medical's implantable heart devices were vulnerable to hacker attacks. Having gained access, you can drain the device's battery, enter the wrong rhythm, or shock the user.
3. Hacking the heart monitoring system in children
Immediately after the news of the hacking of heart devices, a new one followed: The Owlet WiFi Baby Heart Monitor, which monitors the heart rate of babies, is also susceptible to attacks.
4. - TRENDnet
TRENDnet . , . , , , IP- .
5.
2015 , CAN- . , , . , .
(, ), ( , , ), , IoT , DDoS Mirai.
IoT-
IoT : LP-WAN (Low-power Wide-area Network — « ») .
LP-WAN . (.. ), , . « » LP-WAN - Sigfox, LoRa-WAN NB-IoT. LoRaWAN.
5 LoRaWAN: , , , .
IoT-: , signal intelligence, .
1.
- IoT , , , . , , , . , . .
2. (Signal Intelligence)
, , , payload . , payload. - LP-WAN, . / . , , , , , , , , .
3.
.. LP-WAN
, , , . : . LoRaWAN 125/250/500. , -, .
OSI:
) , /, ;
) -, , , .
? , , , .
4.
. 128 , . 10 LP-WAN. 5 , , -.
, ?
-, , .
-, , .
-, : , - .
-, .
- , , . , . , . .
2020 105 . IoT-.
, !