As small as surveillance cameras in the streets and lanes, as large as cars and substations, in the era of internet of everything and intelligence, the Internet of Things seems to be able to connect all entities. According to the data and forecast of China Industrial Information Network, the number of Internet of Things devices has reached 10.7 billion in 2019, and it is estimated that the number of Internet of Things devices will reach 25.1 billion by 2025.
However, with the popularity of the Internet of Things, its security issues have also attracted people’s attention. Recently, Paituo Network, an American network security company, released a report saying that the company found a serious security vulnerability in the product firmware of Japanese intelligent solar panel manufacturer Kontek, which can be used by hackers for cyber attacks. The vulnerability discovered this time, together with more than 20 other vulnerabilities, constitutes a variant of the Mirai botnet described by Paituo Network.
Compared with the traditional network, what are the shortcomings of the Internet of Things in terms of security? Judging from this security breach, how can the Internet of Things improve its security capabilities if it wants to develop continuously? With these questions, the reporter interviewed experts in the field of Internet of Things security technology and the heads of related enterprises in the field of Internet of Things.
All kinds of devices will become targets of attack.
In 2015, two white-hat hackers remotely invaded a certain brand car that was driving on the road. They used the loopholes in the car networking access system of this model to remotely control the direction, throttle, brakes and wipers of the vehicle. In July of that year, the car manufacturer announced the recall of 1.4 million cars with loopholes.
Similar incidents are not isolated cases. In 2016, Tencent Security Cohen Lab also used security vulnerabilities to conduct a long-range attack on a well-known brand electric vehicle without physical contact, realizing remote control of the vehicle in the parking state and driving state. This result has also been confirmed by the car manufacturer of this brand.
These two incidents of Internet of Vehicles security vulnerabilities point to the increasing security problems of the whole Internet of Things terminal.
In 2020, after investigation, some researchers found that in just half a month, the number of malicious code attacks on specific vulnerabilities in the Internet of Things reached 67 million times, and a single organization attempted to attack hundreds of thousands of IP addresses, and more than 25% of security intrusions were related to Internet of Things devices. From routers to closed-circuit television cameras to solar panels, all kinds of Internet of Things devices have security risks.
Professor Sha Letian, an Internet of Things security expert at Nanjing University of Posts and Telecommunications, said that the hidden dangers caused by Internet of Things security vulnerabilities mainly include the disclosure of user sensitive information and malicious code implantation. The former is characterized by personal account password, user photos and videos, user voice stolen, etc., while the latter is characterized by installing Trojan horse programs in routers, cameras, smart speakers, smart TVs and intelligent networked cars to control user equipment.
The security construction of Internet of Things faces challenges.
In recent years, the security protection of Internet terminals such as computers and mobile phones is becoming more and more perfect, and the cost of hackers’ attacks on them is increasing. However, due to the short development time of materialized IOT devices and the lower cost of hacker attacks, the attacks against them are gradually increasing.
Sha Letian pointed out that the Internet of Things industry has the characteristics of long industrial chain and rich equipment diversity. For example, the Internet of Things industrial chain involves all aspects of Internet of Things equipment manufacturing, sensor technology, communication network, cloud platform, data analysis, application development and service, etc. In the Internet of Things environment, there are many brands of Internet of Things equipment and many communication protocols, which makes it difficult to achieve systematic Internet of Things security construction. "Another feature of IoT devices is that they need continuous power supply and long-term operation. Under normal circumstances, they will not be frequently switched on or restarted, so it is difficult to detect them in real time after security problems occur." Sha Letian said.
There are also great differences in the security of different devices and systems in the Internet of Things. Xu Xin, the chairman of Nanjing Zhongke Zhida Internet of Things System Co., Ltd., has been researching and developing Internet of Things communication equipment for a long time. He said that from the connection mode, Internet of Things equipment can be divided into two types: cellular connection and non-cellular connection. The former uses mobile communication network to connect to the Internet, which has high cost and high security. At present, about 400 million terminals are added every year in the world, mainly in the fields of intelligent networked automobiles and electric power. The latter is connected to the Internet through WiFi, Bluetooth, Zigbee, etc., using open spectrum resources, with low cost and poor security. There are about 11 billion terminals in the world, most of which are smart home devices.
At the same time, there is also a lack of unified access standards between the cloud, the device and the user’s operation end of the Internet of Things, which also brings potential security risks such as hacking, data leakage and privacy violation.
Sha Letian said that the current security issues have a great impact on the development of the Internet of Things industry. The disclosure or theft of private data reduces users’ trust in IOT devices and affects the popularization of IOT devices at home. At the same time, botnet long-range attacks against IOT devices have become increasingly fierce, which has led to a decline in the utilization rate of IOT devices in key infrastructure and greatly affected the industrial application of IOT devices.
Need to improve the overall cooperative defense system
In fact, the security protection of Internet of Things devices is not vulnerable, but new attack methods are also emerging one after another. At the same time, Xu Xin said that the development of the Internet of Things is in the stage of Ma Benteng, and the security protection packages provided by various manufacturers are also rich and frugal. Most of them are only for the security protection of communication ports, belonging to basic protection, and the overall collaborative defense system of the Internet of Things is not perfect.
At present, the security guarantee for Internet of Things products is mainly deployed through the hosting mode of "device+mobile phone+cloud", which can not only ensure users to remotely control devices, such as viewing camera video images at home on the mobile phone; It is also possible to entrust the security issues of equipment access rights to remote cloud control servers, such as Alibaba Cloud, Huawei Cloud and other platforms. However, judging from the latest security vulnerabilities and attacks, there is still a security risk of counterfeit cloud or mobile phone communicating with IOT devices, thus realizing illegal remote control of IOT devices.
Sha Letian believes that if the Internet of Things wants to develop continuously and healthily, it should vigorously improve its network security capabilities and fundamentally solve the security risks on the device side. For example, an intrusion detection or vulnerability early warning function module is added in the equipment production process to detect the safety risks of the equipment in real time, and when the safety risks occur, they are linked with the remote cloud and the user’s mobile phone. At the same time, the security management mode of Internet of Things devices is assimilated to personal computer terminals to solve the problems of early warning, detection and disposal of network security as much as possible.
Xu Xin told reporters that "proactive attack" can be adopted to improve the security of IoT devices. Security prevention and control should not be passive. Relevant enterprises, universities and research institutes should cooperate to find loopholes and develop safer products through cyber shooting range.
Related links
Unique security mechanism escorts IOT devices.
Compared with traditional personal computer terminals, Internet of Things devices have many characteristics, and the security threats they face and their own security design are very different from those of personal computer terminals. In view of this, relevant researchers have designed some unique security mechanisms.
For example, a lightweight encryption algorithm. Because IOT devices are usually exposed to unsafe physical environment and highly rely on wireless communication, encryption algorithm is a "just need" for IOT devices. However, common cryptographic algorithms on computing devices such as personal computer terminals often consume considerable computing power and energy while ensuring high security. On the one hand, lightweight encryption algorithm can ensure the security of IOT devices, on the other hand, it can reduce its requirements for computing power.
Another example is device fingerprints. Device fingerprint is a string of information composed of hardware and software attributes of the device. The physical components of IOT devices are not 100% identical, which leads to subtle physical differences between IOT devices, and this difference can be used as a special "fingerprint". Equipment fingerprint is unique and can be used to identify and track the behavior and activities of equipment, which is the underlying core technical guarantee for safety risk control.
关于作者