Exploring IoT Application Vulnerabilities: Risks and Solutions

.docx

School

Green River College *

*We aren’t endorsed by this school

Course

360

Subject

Information Systems

Date

Jun 13, 2024

Type

docx

Pages

2

Uploaded by ChiefSeaLion3752

Report
Lab - Learning the Details of Attacks Objectives Research and analyze IoT application vulnerabilities. Part 1: Conduct a Search of IoT Application Vulnerabilities Background / Scenario The Internet of Things (IoT) consists of digitally connected devices that are connecting every aspect of our lives, including our homes, offices, cars, and even our bodies to the internet. With the accelerating adoption of IPv6 and the near universal deployment of Wi-Fi networks, the IoT is growing at an exponential pace. According to Statista, industry experts estimate that by 2030, the number of active IoT devices will approach 50 billion. However, IoT devices are particularly vulnerable to security threats because security has not always been considered in IoT product design. Also, IoT devices are often sold with old and unpatched embedded operating systems and software. Required Resources PC or mobile device with internet access Instructions Part 1: Conduct a Search of IoT Application Vulnerabilities Using your favorite search engine, conduct a search for Internet of Things (IoT) vulnerabilities. During your search, find an example of an IoT vulnerability for each of the IoT verticals: industry, energy systems, healthcare, and government. Be prepared to discuss who might exploit the vulnerability and why, what caused the vulnerability, and what could be done to limit the vulnerability. Note : You can use the web browser in the virtual machine that was installed in a previous lab to research security issues. By using the virtual machine, you may prevent malware from being installed on your computer. From your research, choose an IoT vulnerability and answer the following questions: Questions: a. What is the vulnerability? The vulnerability we chose was the lack of security measures put in place for IoT devices. This has become concerning as the hacking of these devices has become quite popular and the number of households containing IoT devices continues to rise. Some main concerns are that some older devices have little to no software updates or patches after its release and even if they did have updates, would it even be able to protect the device? IoT devices like smart speakers, Ring/security cameras, smart thermostat, etc. are still regularly left unprotected and open to hackers because these devices lack the necessary security measures. Customers are left uneducated about how to put the right measures in place to protect vulnerable data on IoT devices. b. Who might exploit it? Explain. 2018 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 1 of 2 www.netacad.com
Lab - Learning the Details of Attacks Hackers who would want to exploit sensitive data for their own personal gain. Hackers tend to exploit personal data from businesses or people by blackmail or holding data ransom, in return they receive compensation in the form of money to release the data back to the company. Some hackers may be looking for personal identifiable information (PII) like bank account credentials/numbers, SSN, etc. Anything they could use to sell on the dark web. Hacktivists, which are hackers who protest and steal data from organizations, steal/leak valuable data for a political cause. IoT devices are full of data that is collected daily whether it is a recording of your voice from your Alexa or data collected from your smart fridge. When hacking, IoT devices are exceptional devices to be the gateway device into the network because of their lack of security. From printers to projectors, they all pose as a weak point to the network when they face the same security risks that any internet-connected device has. c. Why does the vulnerability exist? To maximize customer satisfaction, companies are focusing on the “quality of life” and design of the product over the security of its data. IoT devices tend to perform simple tasks and collect data that doesn’t seem significant, allowing for less concern over security. IoT devices are usually small, leaving less room for security firmware and overall limiting their capabilities. d. What could be done to limit the vulnerability? Inform and educate the buyer about any security measures possible. Once the IoT product is registered, the customer should be checking regularly for updates, use strong passwords for accounts linked to the device, and encrypt your network for preventative measures in case someone does gain access to the device. This means the buyer should research the product before purchasing. See how it collects data and make sure the privacy features are appropriate for your situation. Work Cited: https://www.itbrew.com/stories/2023/06/06/report-iot-devices-a-popular-target-for-hackers https://www.cyberdb.co/how-secure-is-iot-data-transmission/ https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/smart-yet-flawed-iot-device- vulnerabilities-explained https://www.armis.com/faq/why-are-iot-devices-vulnerable/ 2018 - 2024 Cisco and/or its affiliates. All rights reserved. Cisco Public Page 2 of 2 www.netacad.com
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help