The growing IoT includes a majority population that is inherently naïve and wide open to the lure of criminal involvement. The risk is not only that one specific function might be compromised – as if an attack on a vehicle tracking system could lead a secure van into an ambush – but also that the IoT might provide a weak link or point of entry to an otherwise strong security chain.
Nobody noticed anything wrong with that smart fridge while it continued sending out spam mail, because it “kept its day job”. This means that simply adding an Internet connected control device to an existing IT network might open a door into an otherwise secure system. A couple of years ago saw an attack on a system designed to integrate a US electricity company’s IT network with the grid control. There was nothing inherently wrong with the system – it was a highly sophisticated system in use since the late 90s – but it was never designed to connect to the Internet and that meant it was vulnerable and, sure enough, it was attacked.
What is especially disturbing about the IoT is not just its vulnerability but also that so many of its components have a direct, physical function. It is very inconvenient when a computer virus causes your PC to crash and lose your latest documents, but at least no-one is physically hurt. But if an attack on the IoT were to prevent a fire alarm from being triggered, cause a life-sustaining medical system to fail, disrupt air traffic control, or the brakes to fail on a connected vehicle – then lives and property would be endangered as a direct result of the attack. This escalates the possibilities for serious criminal activity and opens new doors to terrorists and cyber war between nations. This was the sort of attack seen in 2010 when the Stuxnet worm closed down Iran’s Natanz nuclear facility: not by simply closing down a thousand centrifuges but by physically damaging them in a manner that would take weeks to repair.
This means that the IoT threatens us with sheer diversity as well as large numbers. At one extreme it will be connecting highly critical systems: industrial and utility grid control systems that could cause widespread damage or economic harm if breached; critical healthcare and remote medical devices containing sensitive personal data or responsible for life support; navigation and control systems for connected cars, air traffic control and so on. At the other extreme it includes a huge naïve population of low-cost devices: monitors, meters, wearable devices, simple switches for remote control of household lighting and other domestic gadgets.
Once these cumulative risks have been recognised, the challenge is to understand them. There are limits to the amount of complexity that even the cleverest human can predict – hence the surprises that can emerge in complex systems. So, rather than try to predict what might happen, the solution is to model accurately the complex system and see how the model behaves, in order to gain understanding.
This is how today’s complex networks are already being tested – both to prove that they perform correctly under all sorts of everyday conditions as well as under extreme conditions or cyber-attack. The network is modelled and realistic traffic and possible attack conditions are imposed on the model in order to see what happens. This can have several consequences: it can prove that the system is invulnerable, or it can reveal a weakness that can be traced and repaired, or it can simply reveal the system’s limits – so the operators can be forewarned of possible danger and design an appropriate damage limitation strategy.
The same principles will apply to the growing IoT. The difference is one of scale and diversity, but the building blocks for testing an IoT are already there, and there are already specialist network testers with long experience of what could happen, and what sort of tests will be most needed.
The Internet of Things does indeed present a new challenge. But the networking industry has, for longer than three decades, been gearing up to address this sort of challenge.
by Eric Hutchinson CEO, Spirent Communications