Internet of Things security is a current topic, however penetration testing on connected devices are far from being a widespread practice. Most manufacturers prioritize product functionalities and design first. However, even with a “security by design” approach, pentesting remains essential to know the real security risks, and then to take the necessary measures.
What is an IoT pentest? A connected device is a complex solution, with various potential entry doors for an attacker. A connected device security audit (or pentest IoT) includes tests on the entire object ecosystem, i.e. electronic layer, embedded software, communication protocols, server, web and mobile interfaces. Server-side, web interfaces and mobile applications tests are not specific to IoT, however they are important tests as they are particularly high-risk areas. The tests on the electronic side, embedded software and communication protocols concern vulnerabilities more specifically the IoT.
There are three specific types of attacks on connected objects and embedded systems. Software attacks, non-invasive hardware attacks and invasive hardware attacks. The first take advantage of software vulnerabilities, the second recover information from the hardware without damaging it while the third involve opening the components and therefore destroying them in order to be able to extract secrets. While the first two types of attacks do not require many resources, this is not the case for invasive attacks, for which very expensive equipment is required.
Here are ten concrete tests conducted during the security audit of a connected device, illustrated by some mediatized and emblematic examples. For each of the points discussed below, there are many tools and methods that take advantage of very different vulnerabilities. This is therefore a non-exhaustive list.
Software attacks
1/ Detecting open and poorly protected communication ports ..
Support the originator by clicking the read the rest link below.
