Mender blog

What are the IoT security threats?

Implementing a system for provisioning OTA software updates is part of best practice in a strategy to deal with IoT security threats. The best way is to put in place a zero trust architecture. OTA updates can be scheduled to deliver CVE fixes automatically and at scale, anticipating and patching vulnerabilities and minimising the threat vectors. What are the threat types that need to be considered and planned for in an IoT device security strategy that incorporates OTA software updates? We go to the peer-reviewed research to find an authoritative overview of the main threat vectors in IoT device security.

IoT security threat types

There are many different types of attacks that can take place against IoT devices. These attacks can be categorised as follows: active attacks, passive attacks, physical layer attacks, data link layer attacks, network layer attacks, privacy threats, software-based attacks, side channel attacks, botnet attacks and protocol-based attacks. We will now go into the details of each of these types of attacks.

Active attacks

These attacks are designed and executed to perform malicious acts against a system, with the effect of disrupting services for authorized users. They compromise the privacy and integrity of the system. Examples of active attacks include denial of service, distributed denial of service and man in the middle.

Passive attacks

These attacks are executed to retrieve sensitive information without being detected, so they do not interfere with the communication. Examples of passive attacks include traffic analysis, monitoring, node destruction and malfunction, and eavesdropping.

Physical layer attacks

These attacks interfere with the devices themselves, making them the vulnerable terminals in IoT. Examples of physical layer attacks include node tampering, jamming and replication.

Data link layer attacks

These attacks exploit MAC (medium access control) schemes to launch different attacks. Examples of data link layer attacks include collision, DoS, ARP spoofing and unfairness.

Network layer attacks

These attacks try to disrupt packets while they are in transit between the source and the destination. Examples of these attacks include DoS, routing attacks, Sybil attacks, blackhole, spoofing and alteration.

Privacy attacks

These attacks involve turning the capabilities of IoT against the privacy of the users in acute ways. Examples of these attacks include identification, profiling, tracking, linkage and inventory.

Software-based attacks

These attacks use third-party software to infiltrate the system and then cause damage. Examples of these attacks include worms, viruses and Trojan horses.

Side channel attacks

These attacks are hardware-based and leverage secret information such as cryptographic keys to compromise the device. Examples of these attacks include timing analysis and power analysis.

Botnet attacks

These attacks use infected devices such as sensors, cameras and printers, also known as “zombies”, to launch co-ordinated, large-scale distributed denial of service (DDoS) attacks and to compromise other IoT devices. Command and control servers are used with the peripherals to execute the attacks. Examples of these attacks include Mirai, Hydra, Bashlite, lua-bot and Aidra.

Protocol-based attacks

These attacks target the connectivity protocols of IoT devices and can be RFID-, Bluetooth- or Zigbee-based. Examples include replay, tracking and tag killing in RFID; DoS, bluesnarfing and bluejacking in Bluetooth; and sniffing, replay and ZED sabotage attacks in Zigbee.

In conclusion, the threats are varied. Combating them requires a decisive plan at the start of the IoT project. Ensure that a best-of-breed system for providing OTA software updates is part of your IoT device security planning.

Credit to Malhotra, P.; Singh, Y.; Anand, P.; Bangotra, D.K.; Singh, P.K.; Hong, W.-C., “Internet of Things: Evolution, Concerns and Security Challenges”, Sensors 2021, 21, 1809, for detailing these attacks in their authoritative research paper on IoT device security.
