Black Hat 2017: 9 IoT Security Threats To Watch
The Internet Of Threats
The threat around Internet of Things devices is becoming more real. That risk was front and center at Black Hat 2017 in Las Vegas this week, with many presentations detailing vulnerabilities in a variety of IoT connected systems, including power grids, smart locks, sensors, smart buildings, cars and more. As more devices get connected to the Internet – with 8.4 billion connected devices in 2017 and more than 20 billion connected devices by 2020, according to Gartner – here are nine threats to watch around IoT from Black Hat this year.
Smart Locks
Smart lock technology is becoming more prevalent, but it is also vulnerable to attack. A presentation by NewAE Technology CEO and CTO Colin O'Flynn detailed and demonstrated vulnerabilities into consumer-grade electronic locks, potentially allowing him to break into the locked environment. The vulnerabilities discussed were focused on hardware-based attacks.
Wind Farm Control Networks
Critical infrastructure attacks were front and center at Black Hat this year, including a presentation by University of Tulsa Security Researcher Jason Staggs on wind farm control network attacks. Staggs said a two-year study for a variety of U.S. wind farms showed flaws in vendor design and implementations (especially around IEC 61400-25 communication protocols) that have left systems vulnerable to attack. He said the wind turbine programable automation controls and OPC servers are particularly vulnerable, as shown through proof-of-concept tools. As wind energy becomes more popular, Staggs said it will become an increasingly more appealing target for attackers.
Power Grids
Recent high-profile attacks on power grids were a hot topic at Black Hat, with multiple presentations diving into attacks targeting the power grid and power grid security. Researchers from ESET and Dragos outlined an ICS tailored malware targeting power grid operations at scale, a malware family it called CrashOverride. The malware research follows on the 2016 power grid attacks in Ukraine, where ESET had obtained a malware sample it called Industroyer. The researchers said the malware could be repurposed or modified to attack power grids in Europe and the U.S.
More Power Grids
A second presentation on power grid insecurities, by New York University Ph.D. candidates Anastasis Keliris and Charalambos Konstantinou and Assistant Professor Mihalis Maniatakos detailed a critical vulnerability they found in General Electric Multilin products, which are used in power grid systems. After breaking the encryption algorithm, the researchers were able to authenticate users and access privileged operations, ultimately allowing them to disconnect power grid sectors and lock out operators.
Car Hacking
Car hacking has been a topic of Black Hat threat research for the past few years, and Black Hat 2017 was no exception. This year, security researchers from KeenLab at Tencent detailed a successful remote attack on a Tesla Model S. The attack gained entrance through the car's wireless system, then compromised in-vehicle systems to ultimately inject CAN messages into the CAN Bus. The researchers said Tesla has already pushed an update to systems to fix the problem and added code signing protection to cars as a result.
Devices With MEMS Sensors
Security researchers from the Mobile Security Team of Alibaba Group, CAICT and Tsinghua University showed how devices with MEMS sensors, including accelerometers and gyroscopes, could be attacked with acoustic waves at certain frequencies, ultimately spoiling the data. Devices that could be impacted by this attack include VR devices, self-balancing vehicles, drones and smartphones. The researchers said they used a home-built ultrasound/sound emitting system to impact virtual reality systems, including steering a virtual world and triggering quakes. They also showed how they could cause a self-balancing vehicle to lose balance or cause a crash. The researchers said there are both software and hardware ways to counteract this type of vulnerability.
Smart Buildings
As more buildings become "smart buildings" to take advantage of energy efficiency, improve access and add comforts, they are also becoming more vulnerable, according to a Black Hat presentation by Limes Security, University of Applied Sciences St. Poelten Professor Thomas Brandstette. Brandstetter demonstrated how security is often being overlooked in these systems, with easily exploitable vulnerabilities that could impact automation protocol functions and allow access to internal networks.
Industrial Robots
Industrial robots, often used for manufacturing, are also vulnerable to cyberattacks, security researchers from Trend Micro and Politecnico di Milano showed at Black Hat this year. Researchers showed how vulnerabilities in an industrial robot system could allow for an altered product, damaged robot, stolen IP or injured humans. The researchers said other vulnerability points could include embedded controllers and industrial routers.
Radiation Monitoring Devices
IOActive Principal Security Consultant Ruben Santamarta detailed the threat posed by radiation monitoring devices, which are now in all sorts of critical infrastructure environments, including power plants, seaports, borders and hospitals. He said vulnerabilities in these systems can include software, firmware reverse engineering, RF analysis and hardware hacking.