Feb 27 2025

Cyber threats to the Internet of Things (IoT)

Category: IoT Security | disc7 @ 10:06 am

Device Vulnerabilities – Sensors and actuators in IoT devices may have weak security, making them susceptible to unauthorized access, tampering, or exploitation.

Network Attacks – IoT systems rely on networked IT infrastructure, which can be targeted by cyber threats such as data interception, man-in-the-middle (MITM) attacks, and denial-of-service (DoS) attacks.

Data Integrity and Privacy Risks – The transmission of sensitive data (e.g., medical monitoring or environmental data) creates risks of interception, manipulation, or unauthorized access, leading to privacy violations or incorrect system responses.

AI Exploitation – If AI is used for decision-making in IoT systems, it could be vulnerable to adversarial attacks, data poisoning, or biased decision-making that impacts the reliability of the system.

Physical Security Risks – As IoT systems interact with the physical world, compromised devices could cause real-world harm, such as tampering with industrial equipment, medical devices, or environmental monitoring systems.

Insider Threats – Unauthorized or malicious use of IoT devices by internal actors could lead to data leaks, system disruptions, or unauthorized modifications to physical processes.

Lack of Standardized Security Measures – IoT ecosystems often involve diverse devices and manufacturers, leading to inconsistent security implementations, outdated firmware, and a lack of unified security governance.

Here’s a more detailed breakdown of cyber threats to IoT systems:

1. Device Vulnerabilities

  • Insecure Firmware and Software: Many IoT devices have outdated or unpatched firmware, making them easy targets for attackers.
  • Hardcoded Credentials: Some devices come with default or hardcoded passwords that users fail to change, leaving them exposed to brute-force attacks.
  • Lack of Security Updates: Many IoT devices do not support over-the-air updates, leading to long-term security risks.

2. Network Attacks

  • Man-in-the-Middle (MITM) Attacks: IoT devices transmit data over networks, which can be intercepted if communication channels are not properly secured (e.g., lack of encryption).
  • Denial-of-Service (DoS) Attacks: Attackers can flood IoT networks with traffic, rendering critical systems (e.g., medical monitoring or industrial control systems) unusable.
  • Rogue Devices and Spoofing: Attackers can introduce malicious IoT devices into a network to manipulate legitimate data flows or gain unauthorized access.

3. Data Integrity and Privacy Risks

  • Data Tampering: If an attacker manipulates sensor data (e.g., changing environmental monitoring readings), it can lead to incorrect responses or actions.
  • Unauthorized Data Access: IoT systems collect sensitive data, including medical or environmental data, which can be stolen and misused.
  • Lack of Encryption: Many IoT devices do not encrypt data at rest or in transit, making them vulnerable to eavesdropping and data breaches.

4. AI Exploitation

  • Adversarial Attacks: Attackers can manipulate AI models used in IoT decision-making by feeding them incorrect or biased data, leading to incorrect system responses.
  • Data Poisoning: If the AI relies on compromised data from sensors, it could make faulty predictions or automate incorrect actions (e.g., failing to detect a medical emergency).
  • Model Inference Attacks: Attackers could extract sensitive information from AI models used in IoT decision-making, compromising system security.

5. Physical Security Risks

  • Device Tampering: Attackers with physical access to IoT devices (e.g., sensors, cameras, industrial controllers) can modify them to manipulate system behavior.
  • Sabotage: IoT devices in critical infrastructure (e.g., smart grids, industrial control systems) can be physically damaged or disabled, leading to operational failures.
  • Supply Chain Attacks: IoT components can be compromised during manufacturing or distribution, introducing backdoors or vulnerabilities.

6. Insider Threats

  • Unauthorized Access by Employees: Internal users may exploit weak security controls to access sensitive data or manipulate IoT system functions.
  • Misconfigurations: Accidental misconfigurations by employees can expose IoT systems to cyber threats.
  • Malicious Insiders: Employees or contractors with legitimate access may intentionally exploit vulnerabilities to disrupt operations or steal data.

7. Lack of Standardized Security Measures

  • Interoperability Issues: IoT ecosystems consist of multiple vendors with varying security standards, leading to inconsistencies in security practices.
  • Lack of Centralized Security Management: Many IoT deployments lack a centralized security framework, making monitoring and incident response difficult.
  • Weak Authentication and Authorization: Poor access control mechanisms allow unauthorized users or devices to access critical systems.

Conclusion

IoT security threats arise from a combination of device vulnerabilities, network risks, data integrity challenges, AI exploitation, physical security issues, insider threats, and lack of standardized security practices. Securing IoT systems requires a multi-layered approach, including strong encryption, regular firmware updates, AI security measures, access control, and physical security protections.

Tags: IoT security


Aug 18 2021

Kalay cloud platform flaw exposes millions of IoT devices to hack

Category: IoT Security | DISC @ 11:36 am

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks.

Researchers at FireEye’s Mandiant have discovered a critical vulnerability, tracked as CVE-2021-28372, in a core component of the Kalay cloud platform which is used by millions of IoT devices from many vendors.

The flaw could be easily exploited by a remote attacker to take over an IoT device; the only information needed for the attack is the Kalay unique identifier (UID) of the targeted user. The identifier could be obtained via social engineering.

“The vulnerabilities described in this post affect a core component of the Kalay platform. Mandiant was not able to create a comprehensive list of affected devices; however, ThroughTek’s website reports more than 83 million active devices on the Kalay platform at the time of writing this post.” states the report published by Mandiant. “An attacker would require comprehensive knowledge of the Kalay protocol and the ability to generate and send messages. The attacker would also need to obtain Kalay UIDs through social engineering or other vulnerabilities in APIs or services that return Kalay UIDs. From there, an attacker would be able to remotely compromise affected devices that correspond to the obtained UIDs.”

An attacker who has obtained the UID of a targeted device could send a specially crafted request to the Kalay network to register another device with the same UID on the network. The Kalay servers will then overwrite the existing device. Once the victim connects to the device, their connection will be directed to the attacker, who could obtain the credentials used by the victim to access the device.

Most of the devices using the platform are video surveillance products such as IP cameras and baby monitors; an attacker could exploit this flaw to eavesdrop on audio and video data.

The attacker could also use RPC (remote procedure call) functionality to completely take over the device.
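
The registration weakness described above, where a second registration under the same UID overwrites the first, is shown here as an added example that is not from the original post and is not ThroughTek's or Mandiant's code. It models a UID-only registry beside a hardened one; the class names, the per-device secret and the challenge/response step are assumptions made for illustration, not the Kalay protocol.

```python
import hashlib
import hmac
import secrets

class UidOnlyRegistry:
    """Models the flaw described above: knowing the UID is enough to register."""
    def __init__(self):
        self.routes = {}                      # uid -> endpoint clients are sent to

    def register(self, uid, endpoint):
        self.routes[uid] = endpoint           # last writer wins, no proof of identity
        return True

def device_proof(key, nonce, endpoint):
    """HMAC over the server nonce and the endpoint being claimed."""
    return hmac.new(key, nonce + endpoint.encode(), hashlib.sha256).digest()

class AuthenticatedRegistry:
    """Hardened variant: registration needs a per-device secret (assumption:
    the secret is provisioned at manufacture and never derived from the UID)."""
    def __init__(self, device_keys):
        self.device_keys = device_keys        # uid -> secret key
        self.routes = {}
        self.pending = set()                  # outstanding (uid, nonce) challenges

    def challenge(self, uid):
        nonce = secrets.token_bytes(16)
        self.pending.add((uid, nonce))
        return nonce

    def register(self, uid, endpoint, nonce, proof):
        key = self.device_keys.get(uid)
        if key is None or (uid, nonce) not in self.pending:
            return False                      # unknown UID, or stale/replayed nonce
        self.pending.discard((uid, nonce))    # each challenge is single-use
        if not hmac.compare_digest(device_proof(key, nonce, endpoint), proof):
            return False                      # caller knows the UID but not the key
        self.routes[uid] = endpoint
        return True

def demo():
    uid, key = "CONSTRUCTED-UID-0001", secrets.token_bytes(32)  # constructed values
    real, rogue = "camera.example:10001", "rogue.example:20002"
    weak = UidOnlyRegistry()
    weak.register(uid, real)
    weak.register(uid, rogue)                 # second registrant knows only the UID
    strong = AuthenticatedRegistry({uid: key})
    n1 = strong.challenge(uid)
    accepted = strong.register(uid, real, n1, device_proof(key, n1, real))
    n2 = strong.challenge(uid)
    rejected = strong.register(uid, rogue, n2, device_proof(b"not-the-key", n2, rogue))
    return weak.routes[uid], accepted, rejected, strong.routes[uid]
```

In the UID-only registry the route ends up pointing at the second registrant, while the authenticated registry keeps the original route because the second caller cannot produce a valid proof.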

Tags: IoT, IoT devices, IoT Hacking, IoT security


Jun 19 2021

Preventing security issues from destroying the promise of IoT

Category: IoT Security | DISC @ 12:50 pm

Tags: IoT Hacking, IoT security


May 25 2021

New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices

Category: Bluetooth | DISC @ 8:49 am

Adversaries could exploit newly discovered security weaknesses in Bluetooth Core and Mesh Profile Specifications to masquerade as legitimate devices and carry out man-in-the-middle (MitM) attacks.

“Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure that could allow an attacker to impersonate a legitimate device during pairing,” the Carnegie Mellon CERT Coordination Center said in an advisory published Monday.

The two Bluetooth specifications define the standard that allows for many-to-many communication over the short-range wireless technology to facilitate data transfer between devices in an ad-hoc network.

The Bluetooth Impersonation AttackS, aka BIAS, enable a malicious actor to establish a secure connection with a victim, without having to know and authenticate the long-term key shared between the victims, thus effectively bypassing Bluetooth’s authentication mechanism.

“The BIAS attacks are the first uncovering issues related to Bluetooth’s secure connection establishment authentication procedures, adversarial role switches, and Secure Connections downgrades,” the researchers said. “The BIAS attacks are stealthy, as Bluetooth secure connection establishment does not require user interaction.”

“To confirm that the BIAS attacks are practical, we successfully conduct them against 31 Bluetooth devices (28 unique Bluetooth chips) from major hardware and software vendors, implementing all the major Bluetooth versions, including Apple, Qualcomm, Intel, Cypress, Broadcom, Samsung, and CSR.”

In addition, four separate flaws have been uncovered in Bluetooth Mesh Profile Specification versions 1.0 and 1.0.1. A summary of the flaws is as follows:

  • CVE-2020-26555 – Impersonation in Bluetooth legacy BR/EDR pin-pairing protocol (Core Specification 1.0B through 5.2)
  • CVE-2020-26558 – Impersonation in the Passkey entry protocol during Bluetooth LE and BR/EDR secure pairing (Core Specification 2.1 through 5.2)
  • N/A – Authentication of the Bluetooth LE legacy pairing protocol (Core Specification 4.0 through 5.2)
  • CVE-2020-26556 – Malleable commitment in Bluetooth Mesh Profile provisioning (Mesh profile 1.0 and 1.0.1)
  • CVE-2020-26557 – Predictable AuthValue in Bluetooth Mesh Profile provisioning (Mesh profile 1.0 and 1.0.1)
  • CVE-2020-26559 – Bluetooth Mesh Profile AuthValue leak (Mesh profile 1.0 and 1.0.1)
  • CVE-2020-26560 – Impersonation attack in Bluetooth Mesh Profile provisioning (Mesh profile 1.0 and 1.0.1)

“Our attacks work even when the victims are using Bluetooth’s strongest security modes, e.g., SSP and Secure Connections. Our attacks target the standardized Bluetooth authentication procedure, and are therefore effective against any standard compliant Bluetooth device,” the researchers said.

The Android Open Source Project (AOSP), Cisco, Cradlepoint, Intel, Microchip Technology, and Red Hat are among the identified vendors with products impacted by these security flaws. AOSP, Cisco, and Microchip Technology said they are currently working to mitigate the issues.

The Bluetooth Special Interest Group (SIG), the organization that oversees the development of Bluetooth standards, has also issued security notices for each of the six flaws. Bluetooth users are advised to install the latest recommended updates from device and operating system manufacturers as and when they are available.

Source: The Hacker News

Tags: IoT security