Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Enterprise Internet of Things Handbook

You're reading from   Enterprise Internet of Things Handbook Build end-to-end IoT solutions using popular IoT platforms

Arrow left icon
Product type Paperback
Published in Apr 2018
Publisher Packt
ISBN-13 9781788838399
Length 332 pages
Edition 1st Edition
Tools
Arrow right icon
Author (1):
Arrow left icon
Arvind Ravulavaru Arvind Ravulavaru
Author Profile Icon Arvind Ravulavaru
Arvind Ravulavaru
Arrow right icon
View More author details
Toc

IoT and security

Did you know that the first IoT murder was supposed to happen in 2014? Don't believe me, check out: First IoT-mediated murder could occur in 2014, experts warn http://www.itpro.co.uk/hacking/23242/first-iot-mediated-murder-could-occur-in-2014-experts-warn.

Security is a very important part of IoT, be it as simple as stealing data or monitoring your door sensor to know when you have left your home or spoofing a data record to indicate an unwanted event to create havoc. Security is essential.

Now we need to invest in a firewall for our toaster.

IoT devices are being used to perform DDoS attacks on other entities. Stealing data from a sensor is one thing, but reprogramming/hacking a smart device to think it is something else is a new level of disaster.

Mirai bot attack

On Friday October 21, 2016 there was a Distributed Denial of Service (DDoS) attack that took place on a DNS provider named Dyn, bringing down major websites such as Etsy, GitHub, Netflix, Twitter, and Spotify.

This was a Mirai bot attack (https://www.corero.com/resources/ddos-attack-types/mirai-botnet-ddos-attack.html). All this malware does is convert devices running Linux into remotely controlled Bots that can be used as part of the botnet for performing large-scale network attacks.

Old router and IP cameras were the major source of devices that were used in the attack that brought down part of the USA.

You can read more about the attack from Dyn here: https://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/.

This is just one of a few attacks that have happened in the recent past. You can find plenty more on the internet.

Ransomware

The new trend in IoT hacking is ransomware. Hackers get into IoT systems or software and block it or disrupt it. In order for the device or the system to work properly again, the owners need to pay a ransom (mostly through cryptocurrency such as Bitcoin).

Imagine a world where your coffee machine blackmails you into paying money or it will brew only decaf.

In this time and age, what is the best way to be secure? Just turn things off?

Jokes aside, this is a pretty serious issue. Do remember that systems are built to be hacked. So, what might seem a security solution today may be a new attack name tomorrow.

In the world of IoT, our primary goal is to keep data safe and the secondary goal is to keep our devices and servers updated.

For data communication security, we can use a standard such as X.509, where we encrypt the transported data using public/private keys. If needed, the data that is being transmitted can be scrambled and encrypted.

All of the data stored in databases needs to be encrypted. This definitely causes overhead but will save us from attacks.

Check out this article on how MongoDB databases were attacked and how ransoms were required to get them back: https://www.networkworld.com/article/3157766/linux/mongodb-ransomware-attacks-and-lessons-learned.html.

In the next section, we will start looking at the two types of IoT stacks that the world is moving towards: cloud computing and fog computing.

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime