Physical dangers for devices connected to the Internet of Things

Securing the Internet of Things (IoT) is a top priority for many organizations, as the value of their assets related to the IOT and the number of IOT-connected devices continues to increase. The IoT is by nature distributed and fragmented, with a vast attack surface. Devices themselves are often not secured physically, and can be accessed by many different people. This lack of physical security creates a viable and potent severe security risk to the IoT ecosystem. A simple physical hack at any point in the system can pave the way for deep infiltration of a system, and subsequent hacks can be applied remotely, exposing vulnerabilities in thousands of devices. According to TechTarget, 200 billion IoT-connected devices were deployed by the end of 2020, and this number is expected to continue to grow exponentially.

Understanding physical security
Physical security or hardware security, involves securing physical (often silicon) elements of a system. Physical attacks require close proximity to compromise the IoT ecosystem. Some IoT deployments, such as connected lighting or medical devices, use AES encryption to deliver firmware updates. An authorized source that can prove the knowledge of AES secret keys is the only way to securely deliver the updates. A hacker would have to steal these AES credentials and use the stolen keys to hijack the network, but they would need to be within the proximity of the device. A non-invasive attack means that the attacker must come close enough to target the chip and sense electrical characteristics. By targeting these electrical impulses, a hacker can change the behavior of the devices and access sensitive information. An invasive attack requires that the chip surface be exposed. The hacker can then physically manipulate the chip itself, altering its characteristics.

Types of attacks
Side channel analysis, or SCA is a common hacking protocol, which consists of a non-invasive attack. The hacker analyzes a power signature or Electro Magnetic radiation to extract the key in order to penetrate the network and drag out sensitive information.  A tamper attack is an invasive attack. The hacker physically tampers with the metal wires using micro probes to alter the circuit behavior by overdriving the chip. A fault injection or perturbation attack can be both invasive and non-invasive. These are triggered when the hacker induces a faulty behavior in a system. This compromises security via a fault or "glitch" that lets the hacker influence behavior and gain access. A clock, power supply, temperature control, or other environmental control is a common point of entry for perturbation attacks. Open internet ports are also a major concern, according to CPO Magazine.

Physical security is becoming more important
Previously, physical attacks were considered the most difficult, and most IoT device tampering was software-based. However, other vulnerabilities have become more secure and more difficult to hack, while incentive to attempt a breach continues to rise. The value of assets involved, and the proliferation of physical devices provides opportunities for attacks at scale, and hackers are returning to physical attempts in greater numbers. Investing in physical security should be an imperative for companies that have invested heavily in IoT.

Perle can help you create a robust and secure setting that will be able to control access to IoT-connected devices. Read our customer stories to find out more.