The explosive growth of the IoT has dramatically increased security vulnerabilities with over 70% of IoT devices being open to attacks and global IoT security spend is expected to reach $840 million by 2020 according to Gartner Report.
In our recent webinar, Christian Henke, EMnify's Head of Product discussed how your cellular connectivity provider can protect your IoT business from security breaches. Watch the recording and read about the top 5 best-practices you should consider to guard your organization against IoT attacks.
Mirai attack vector: Remote Access via public reachable address
IoT devices in the field often need to get unplanned data from the device or service personnel need to log in. With WiFi or cellular connectivity with public IPs, attackers have a large attack surface by being able to send data to the device. With private static IP addresses and VPN offered by the cellular provider enterprises' support teams can get secure remote access to the device. Attackers cannot reach the device from outside and cannot leverage the remote access channel as they first need to pass the authorization with the cellular connectivity provider.
Attack vector: Data Transmission over Public Internet
The usual data flow within cellular networks is from the:
1. device to the antenna,
2. through the mobile core network nodes of the visited network
3. through the mobile network of the home network of the SIM card
4. through public internet to the application (e.g. residing on AWS, Azure or Google)
Whereas path 1-3 is usually secured by the SIM card - path segment 4 is generally referred to as the internet gap because routing happens over public internet and the data is vulnerable to attacks.
Traditionally operators use costly private APNs and IPsec to close the gap and establish a secure private network between the device and the application. With EMnify's cellular cloud platform there is no need for APNs to establish a VPN/IPsec and moreover there is also the possibility to do a secure intra-cloud connect with customers that are already in the cloud. Watch the Cloud connect explainer video
3. Cellular Data Firewall
Mirai attack vector: Infected Device can be controlled by attacker and attack victim (illegitimate traffic destinations)
Traditional IoT attack malware such as Mirai is trying to take control over IoT devices to be able then to attack a different victim with a Distributed Denial of Service attack. Using a cellular data firewall the cellular connectivity provider can block any traffic that is not related to the legit application. Without any software adaptation, the device can only connect to the cloud and the SIM cards become mainly purposely built for the specific IoT use case.
There have been several attacks in the past on Voice and SMS services - such as Simjacker and Internation Revenue Share Fraud. By limiting or deactivating the Voice and SMS service capability for example only to internal communication, devices are more secure. Read on the blog on voice and SMS attacks.
Accurately measuring device data consumption and signaling pattern can help detect incidents caused by attackers, human error, or misconfigured devices. By utilizing the device, infrastructure, application, network, payload, and connectivity data – an IoT solution can be strengthened against unknown security holes.
Want to dive deeper into the topic of IoT? Join our upcoming webinar on the 16th of June, where metr - a PropTech startup in the field of smart building automation will be discussing how to get indoor cellular coverage where there is none and which antennas and applications make the housing industry more intelligent.
We value your privacy.