IoT Security -- How to identify your IoT device security vulnerability -- #Day3 [TWT🏆]

How to identify your IoT device’s security vulnerability?

Whatever the IoT device is, it is always good to start by mapping the attack surface. Here we introduce a method called the Ninja Recon Technique.

As the name of the technique suggests, in order to penetrate a system we must first do some reconnaissance to know it well; that is what helps us find more exploits. As a ninja, you first have to spy on the device and collect as much information as possible, then draw a diagram of the entire architecture of the device. This gives a clearer picture of the device. Because an IoT system comprises many more components than a traditional web app or network, it also offers more ways to infiltrate. An example diagram for an IoT device can look like this,

or like a deeper threat model drawn with a dedicated threat-modelling tool.

With the overview done, we can look at the diagram and start listing all the components in it, for example:

- IoT Home Gateway
- Light bulb
- Smart Door-lock
- Security Camera
- Mobile Application
- Database
- WiFi Router
- etc

Then move on to the invisible components, like:

- WiFi that the light bulb uses to connect to the router
- Zigbee that the smart door-lock uses to connect to the gateway
- BLE that the smartphone uses to connect to multiple devices
- The MQTT protocol that the light bulb uses to transmit data to the server
- etc

Once you have these keywords, you can move on to the last step of this technique: research online. It is normal that we only know a fraction of what is going on inside a smart device, but the internet is our great friend: with a few keyword searches you will find many existing exploits that have already been reported, and you can simply start from one of the techniques explained online for a simple penetration test. Remember, most IoT devices weren't designed with security in mind, so chances are the exploit your research returns might just be able to get into the system or cause some problem.
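To make the component and link lists actionable, here is an added example (not part of the original post) that models the diagram as components placed in trust zones plus the links between them, flags every link that crosses a zone, runs in the clear or talks to an unauthenticated peer, and derives the keyword list for the research step. The component names follow the lists above; the zones and the encrypted/authenticated attributes are constructed sample values, not measurements of any real product.

```python
"""Attack-surface map from the recon walk-through (added example, not the post's code)."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Component:
    name: str
    zone: str  # trust zone, e.g. "device", "lan", "mobile", "cloud"

@dataclass(frozen=True)
class Link:
    src: str
    dst: str
    protocol: str  # "wifi", "zigbee", "ble", "mqtt", ...
    encrypted: bool
    authenticated: bool

def attack_surface(components, links):
    """One finding per link that crosses a trust zone or lacks protection."""
    zones = {c.name: c.zone for c in components}
    findings = []
    for link in links:
        issues = []
        if zones[link.src] != zones[link.dst]:
            issues.append(f"crosses {zones[link.src]}->{zones[link.dst]}")
        if not link.encrypted:
            issues.append("cleartext")
        if not link.authenticated:
            issues.append("unauthenticated peer")
        if issues:
            findings.append((f"{link.src} -> {link.dst} [{link.protocol}]", issues))
    return findings

def search_terms(links):
    """Keywords for the research step: each endpoint paired with its protocol."""
    terms = {f"{end} {link.protocol} CVE" for link in links for end in (link.src, link.dst)}
    return sorted(terms)

# Constructed sample, modelled on the component and protocol lists above (zones and flags are assumptions).
COMPONENTS = [
    Component("IoT Home Gateway", "lan"), Component("WiFi Router", "lan"),
    Component("Light Bulb", "device"), Component("Smart Door-lock", "device"),
    Component("Mobile App", "mobile"), Component("Cloud Server", "cloud"),
]
LINKS = [
    Link("Light Bulb", "WiFi Router", "wifi", encrypted=True, authenticated=True),
    Link("Smart Door-lock", "IoT Home Gateway", "zigbee", encrypted=True, authenticated=True),
    Link("Mobile App", "Smart Door-lock", "ble", encrypted=True, authenticated=False),
    Link("Light Bulb", "Cloud Server", "mqtt", encrypted=False, authenticated=True),
]
```

Run `attack_surface(COMPONENTS, LINKS)` to get the prioritised edge list and `search_terms(LINKS)` for the keywords to look up; every zone-crossing link is a place to check what the vendor actually protects.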

Conclusion

To understand IoT security you really have to get your hands dirty, so stop talking and start acting now; your efforts will pay off one way or another.