How can IoT security develop in parallel in the Internet of Everything era?

The Internet of Things is the core support of the third wave of the information industry and the fourth industrial revolution.

It has spawned many industries and businesses through deep integration with various industries, such as Internet of Vehicles, Industrial Internet, Smart Grid, Smart City, and Smart Agriculture. , smart medical care, smart logistics, smart home, smart wear, etc., have changed people's lifestyles and brought great convenience to people's daily life. Currently, the global IoT industry is developing rapidly.

Raspberry Pi 4th generation - IOT Raspberry Pi

The Mobile Economy 2022 released by GSMA predicts that the number of global authorized cellular IoT connections will reach 2.5 billion in 2023, and it is estimated that by 2030, the number of global authorized cellular IoT connections will reach 5.3 billion. .

The development of my country's Internet of Things industry is at the forefront of the world, and the construction of mobile Internet of Things is a global leader. As of the end of 2022, the total number of terminal connections on my country's mobile network has reached 3.528 billion, of which 1.845 billion cellular IoT terminal users represent the number of "thing" connections. Since the end of August 2022, the number of "thing" connections has surpassed the number of "person" connections After that, the proportion of "thing" connections has risen to 52.3%. The Internet of Everything empowers thousands of industries. The scale of cellular IoT terminals applied to public services, Internet of Vehicles, smart retail, and smart home has reached 496 million, 375 million, 250 million, and 192 million households, respectively.

With the advent of the Internet of Everything era, we feel the convenience and speed brought by extensive interconnection, global awareness, and remote control, but the application of Internet of Things technology also brings new network security risks. In recent years, cyber attacks against IoT devices, systems, networks, and platforms have been increasing, which has had a huge impact on personal privacy, enterprise production, city operations, and even national security.

IoT security faces new situations, new risks and new challenges

First, the security risks of IoT devices are prominent. IoT devices face security risks such as hardware design flaws, software and firmware vulnerabilities, and lack of authentication mechanisms. In order to control the cost of IoT devices, manufacturers often choose low-power and cheap hardware and chips. The computing performance and security functions of these hardware are often weak, and they cannot provide solid security support, such as encryption and tamper-proof. design etc. The software code quality of IoT devices is uneven, resulting in a large number of software vulnerabilities. Common vulnerabilities include buffer overflow vulnerabilities, command injection vulnerabilities, etc. Attackers can use these vulnerabilities to remotely gain control of devices and then launch network attacks. The identity authentication and access control mechanisms of IoT devices are not perfect, resulting in a large number of IoT devices being accessed anonymously, or even being cracked by attackers to obtain control rights through simple passwords.

For example, a large number of IoT cameras currently have the problem of unauthorized access after weak passwords are cracked , can easily lead to malicious control, DDoS attacks, data leakage and other security incidents, endangering the normal operation of key network infrastructure.

Second, the Internet of Things network security is insufficient. The Internet of Things is connected with the traditional fixed network and mobile Internet to form a new heterogeneous network with multi-network integration. In the process of data collection and data transmission, it faces security risks such as network intrusion and data leakage. The perception layer is the technical basis for the comprehensive perception of the Internet of Things. It mainly collects various information of objects through various sensors, and then transmits the data to the upper layer through NB-IoT, 3G, 4G, 5G and other access technologies. However, the perception layer nodes have huge data, diverse protocols, single functions, and limited computing and storage resources. They cannot provide complex information security protection capabilities, and are vulnerable to malicious attacks and damages during the data collection process, affecting the normal operation of the system. The network layer is mainly responsible for accurately transmitting the data collected by the perception layer. However, due to the complex network environment of the Internet of Things and the limited resources of the Internet of Things nodes, the data lacks encryption technology protection during the transmission process, and is extremely vulnerable to man-in-the-middle attacks. Attackers can illegally obtain data packets in the communication path, directly read plaintext data or modify data packets to destroy data integrity. This attack method is easy to implement but difficult to prevent, which will lead to a large amount of sensitive data leakage. At the same time, due to the unclear definition of the Internet of Things network boundary, attackers can access the network by masquerading as a gateway or user node, and launch further attacks on network components and devices after obtaining network access rights.

The third is the frequent outbreak of Internet of Things data security issues. The Internet of Things will generate and share massive amounts of data based on its own interconnection properties, and these data will have a lot of security risks in the process of storage, use, and sharing. When data is stored on devices and platforms with insufficient security protection, it will be directly stolen by attackers. When there is no strict access control mechanism in the process of data use and data sharing, others can obtain or even use user sensitive data without permission, affecting the normal production and life of users. The Unite 42 threat intelligence team monitored 1.2 million IoT devices in the United States and found that 98% of IoT devices are not encrypted, posing risks of personal privacy and data leakage. In recent years, there have been many similar network security incidents, such as images collected by a large number of home cameras being sold online, and smart speakers leaking user privacy.

Fourth, the security of the Internet of Things platform should be paid attention to. IoT devices, cloud platforms, and application platforms are interacting with data all the time. Once these platforms are hacked, the entire IoT system will be destroyed. When there are software vulnerabilities or configuration errors in the cloud platform and application platform, it is very easy to cause DDoS attacks at the application layer and cause service interruption. At the same time, the Internet of Things platform also faces risks such as insufficient security management of agents and supply chain pollution. The supply chain of IoT devices is complex. If the platform has insufficient security control management for suppliers, it is easy to be implanted with a "back door" in the process of hardware manufacturing and software development. This "back door" is extremely hidden, and it is still difficult to find after the device is delivered. , Once enabled, it will cause immeasurable risks. Therefore, platform managers should improve supply chain monitoring and security management processes to reduce risks.

Advancement of Internet of Things Security Risk Response Work

In recent years, under the support and guidance of the Ministry of Industry and Information Technology, China Academy of Information and Communications Technology has cooperated with relevant industry units to actively and steadily promote the response to Internet of Things security risks.

The first is to give full play to the leading role of industry organizations and actively promote the preparation of standards related to Internet of Things security. Accelerate the construction of the Internet of Things security monitoring standard system, develop a series of standards for Internet of Things security monitoring, and promote the "Technical Requirements and Test Methods for Internet of Things Traffic Screening", "Technical Requirements for Internet of Things Network Security Monitoring and Management System", "Internet of Things Network Security Monitoring and Management System Interface Technical Requirements" and "IoT Terminal Network Security Risk Classification and Grading Evaluation Method" and other industry standard projects have been established to build clear and clear technical requirements and test methods for the Internet of Things network security monitoring system to help the sound development of the Internet of Things industry.

The second is to rely on the industry's network resources and technological advantages to initially build a security monitoring system covering the Internet of Things bases of basic telecommunications companies. A government-enterprise linkage Internet of Things basic security access monitoring platform has been built, which has the functions of collection, monitoring, research and judgment, and response. Hundreds of millions of terminals are monitored to form the overall security situation awareness and analysis capabilities of the Internet of Things. At the same time, the platform has established threat intelligence databases such as IoT vulnerabilities, malicious network resources, and security rules. It has accumulated more than 10,000 security event rules and malicious resources, and has functions such as IoT development trends, security trends, and special topics.

The third is to continue to carry out special research to explore and build the technical capabilities of IoT security threat detection and evaluation. Focus on the security risks faced by the perception layer, network layer, and application layer of the Internet of Things, carry out research on the performance evaluation index system of the Internet of Things security threat detection system, consolidate the theoretical reserves related to the threat detection tools and detection methods of the Internet of Things, and actively guide relevant enterprises to develop Internet of Things terminals Product advanced capability evaluation activities, improve hardware security, software security, network security, application security and data security evaluation capabilities, and initially form the technical capabilities of IoT security threat detection and evaluation.

Thoughts and Suggestions Based on IoT Security Risks

The first is to accelerate the development and implementation of IoT security-related standards. Carry out the research and development of IoT terminal security, network security, platform security and other standards, promote the revision of IoT home gateway and gateway security testing standards, accelerate the construction of the IoT security monitoring standard system, guide the development of IoT product security evaluation work, and guide the IoT security Develop in a more scientific and systematic direction.

Raspberry Pi 4 - 9-Layer Acrylic Case with Cooling Fan - Raspberry Pi 4B Protective Case in Four Colors

The second is to continue to improve the technical capabilities of Internet of Things security monitoring. Build a basic telecommunications enterprise Internet of Things security monitoring technology system, strengthen the traffic screening capabilities of typical Internet of Things application scenarios such as Internet of Vehicles, Industrial Internet, and smart cities, and improve the quality of data reporting in terms of monitoring coverage, functional completeness, and business maturity. Promote the construction of 5G Internet of Things security monitoring pilots, continuously improve the Internet of Things private network security monitoring system, and enhance the comprehensive technical support capabilities such as industry IoT security situation awareness, risk warning, and emergency response.

The third is to accelerate the construction of the Internet of Things security testing and evaluation technology system. Build a security simulation and verification environment for typical scenarios such as smart homes and digital production, and carry out code security audits, high-risk vulnerability scanning, access control mechanism verification, data transmission security testing, network node identity authentication evaluations, etc. for IoT terminals, networks, and platforms Work, build technical capabilities such as vulnerability mining, simulated attacks, and intelligence collection, regularly carry out IoT security compliance assessment and testing activities, discover security risks in a timely manner, and promote IoT-related companies to enhance their own security protection capabilities.

How can IoT security develop in parallel in the Internet of Everything era

The fourth is to continuously strengthen the collaborative innovation of Internet of Things security enterprises. Focus on the "capacity shortcomings" and technological development directions of IoT terminal security, network security, and platform security, increase investment in IoT security special funds, carry out IoT security innovation and entrepreneurship competitions and conferences, integrate upstream and downstream resources in the industry, and gather "government-industry To cultivate and promote a number of IoT security products and solutions, promote the improvement of the security protection level of IoT terminals, networks, platforms and data, and promote the high-quality development of the IoT security industry.

*This article was published in "Communication World"
Issue 925 August 10, 2023 Issue 15
Original Title: "IoT Security Risk Analysis and Countermeasures Research in the Internet of Everything Era"