There’s a lot of excitement building around the Internet of Things (IoT), a huge ecosystem of smart devices coming to our bodies, homes, cars, and cities. But let’s be honest: There’s a certain level of trepidation, too. What’s becoming clear is ignoring security in IoT endpoint devices is no longer an option in today’s — and our future — connected world.
Qualcomm Technologies’ Director of Product Management for IoT Security, Jesse Seed, sat down with us to talk about the risks, needs, and challenges of securing today’s IoT devices, and why our holistic approach to device security can help mitigate many of these issues.
We've been hearing a lot more about vulnerabilities in the IoT. Why does there seem to be so much more concern now?
I think it’s due to the growing ubiquity of IoT devices. Many more connected devices are now in our homes, workplaces, public spaces, and even on our bodies. IoT is becoming part of the zeitgeist.
Correspondingly, there have been a few very high-profile attacks on IoT devices that have made the mainstream news. For example, the Mirai botnet attack that occurred in October 2016. It infected nearly half-a-million devices and took down huge portions of the North American internet, including major sites like Twitter, Amazon, and HBO Go.
It highlighted that device security in the consumer space leaves a lot to be desired at the moment. There’s a frequently cited study from HP that showed about 70 percent of the common IoT consumer devices they surveyed were using unencrypted network services. Eighty percent of these devices raised privacy concerns of some sort. That means potential access to user data and personal information, or even the ability to spy on people.
What can happen if these insecure devices are attacked?
One of the things that can happen is an attacker can modify the code that's running or stored on a device. They can inject their own software, like malware, to make the device do things it shouldn’t be doing. This is usually accomplished through bugs in the code or weak protocol implementations. If some particular communications protocol stack is not implemented in a secure way, it makes it possible for attackers to get in and change the device behavior.
Another common method of attack is to compromise a key. Let's say a device is using an encrypted communications channel to talk over your network. If a person knows or can extract the key that’s being used for this encryption, she can interpret the data that’s being sent.
Password compromise is another common attack vector. We see this one quite frequently in those hacks that I mentioned are popular on the news. It's as simple as not changing a default username and password. Another kind of password compromise would be if an attacker used brute force or guessed the password to gain access.
Another common threat is a so-called man-in-the-middle attack. Your device is talking to what it thinks is an authentic cloud, but actually there’s somebody in the middle who’s able to steal the data in transmission.
Any of these attacks could leave a user or device susceptible to a number of unpleasant consequences. We already mentioned the distributed denial of service (DDoS) attack where your device is turned into a bot to spam servers and create havoc on another network. Additionally, some attacks cause devices to be 'bricked' permanently, where the device is rendered useless, creating financial impact. Others seek to steal personal data and invade privacy.
But unfortunately, it really can get even worse. Think about IoT devices responsible for physical security or personal health and safety. This could be anything from door locks, alarm systems, sensors on bridges, and water towers to medical devices like an insulin pump. These could jeopardize human safety, if compromised.
In your opinion, what qualifies a device as secure?
We've identified five common security needs that span a wide range of IoT use cases.
- The first need is software integrity. Essentially, software integrity means that the code running on your device, or stored in your device, is from an authentic source and hasn’t been modified by an unauthorized party. I extend integrity to mean that the software is written in a robust manner. Software integrity is critical to blocking code-modification attacks.
- The next major need is data protection. This pertains to both “data at rest,” which is data that’s stored on the device as well as “data-in-transit,” which is data transmitted between the device and the cloud. We have to think about how to protect the data in both conditions.
- Another critical aspect of device security is the ability to do secure firmware upgrades and lifecycle management. This is often overlooked but incredibly important. Some IoT devices will be in the field for a decade or more. You have to be able to get these endpoints critical patches if a vulnerability is found, preferably without having to deploy a technician into the field. Also, you need to manage the lifecycle of that device. When I onboard the device to the network, is that network secure? If I have to decommission, repurpose, or RMA it, can I do that in a secure way?
- The next major need is device-to-cloud authentication and attestation. When a device talks to the cloud, how does the cloud know the device is what it says it is and if it’s in an uncompromised state? Also, can the device be sure that the cloud it’s connected to really is the network it's meant to be talking to and not a rogue man-in-the-middle?
- The fifth need would be user authentication. This is especially important in a device that has multiple users or a physical user interface. Can I tell that the user who's interacting with this device is who they say they are? If so, what are they allowed to do? Setting different roles and permissions limit what particular users should or should not be allowed to do.
These are the basic needs I see spanning the wide range of IoT markets and use cases. Of course, when you focus on certain specific IoT segments, there may be additional needs and requirements to consider.
How is Qualcomm Technologies unique in its ability to protect a wide variety of IoT devices?
First, we have a trusted solution. The building blocks for mobile security are very similar for IoT. That’s quite an advantage for us, because we know mobile security really well. We have a footprint in billions of devices worldwide, and we’ve been working on mobile security for as long as we’ve been building chips. We’re able to utilize that expertise in embedded hardware-based security in our IoT solutions.
Addressing the challenge of scale is another value proposition from Qualcomm Technologies because we deliver platforms for the vast diversity of IoT segments and price-points. We have a portfolio of chips and software that spans everything from very high-end application processors to the simplest Bluetooth low-energy sensors. Likewise, we scale our security solution appropriately across that portfolio to really help customers — meaning device manufacturers in all these spaces — address their end-device security needs as robustly as possible.
Lastly, our solution is collaborative. We understand that security is not something that only comes from chips or software or clouds on their own. You need collaboration between silicon providers, device manufacturers, third-party software providers, and especially cloud service providers and mobile network operators. This can help ensure that you have a comprehensive security solution from device-to-cloud. Qualcomm Technologies helps to support that through pre-integration with many of the leading network operators and cloud platforms and strong relationships and training of our OEMs.
What else differentiates Qualcomm Technologies' IoT security platform from others?
We integrate hardware security directly into our IoT processors. That means, for most IoT industries, you wouldn’t need to add an external security IC. This allows for BoM savings and also a time-to-commercialization advantage. Instead of an OEM’s engineering team spending time to integrate two different chips, you’d have the hardware-based security foundation you need in one. Furthermore our critical features are either in hardware or in hardware-protected firmware, which are designed to allow us to provide superior robustness compared to software-only security solutions.