IoT cybersecurity risks: an overview of the main threats

In a general environment where cybersecurity is an essential component of networks and services, IoT (Internet of Things) objects today present specific characteristics that are sources of weaknesses:

• the low level of security maturity, or even the absence of a strong security culture, which can be observed in certain technologies or in common implementation faults (such as a single, trivial password for a series of objects). When studying the security of various objects, it is clear that we often find open serial ports, unprotected radio interfaces, obsolete kernels in firmware, secret keys in the clear, etc. ... ;

• the positioning of objects as entry points to the Internet and to personal information systems (local home networks) and professional information systems (internal company networks), which, by disseminating objects in the field and making them accessible both locally and remotely, extends the attack surface of networks and systems;

• massive deployment of objects built on the same foundation, transforming any vulnerability into a large-scale threat;

• the massive generation of personal data to be strictly protected within the framework of users' rights to privacy and control of their data;

• the ability to act in the real world with new, malicious motivations: spying on homes using cameras or voice assistants, industrial systems used to damage factories, endangering or even attacking the integrity of individuals, etc.

These weaknesses, which are very real in objects, can be used to hijack the IoT services themselves: disorganize a factory, spy on a home, open a door, divert a car or stop a pacemaker... The list is long of real or laboratory exploits regularly noted by security researchers (see, for example, the training sessions on hacking IoT objects via IP, radio and hardware interfaces at the BlackHat conference ).

But paradoxically, objects are more often hacked to break into an information system, or even just for their sheer computing capacity and bandwidth, as demonstrated by the Mirai family of infected object networks since 2016 . Malware constantly scans the Internet for vulnerable (e.g.: not updated) and open (e.g.: possessing...