Greeting Everyone! Hope everything is Going Well ! As we Know growing of technology IOT take place More and more In technology environment Introduction of IOT has Took Place in different platform Such as agriculture , I.T, Home accessories even Your home Bulb is Based On IOT which is connected through internet. . Everyone from vendors to enterprise users to consumers is concerned that their IoT devices could be compromised. Here We are going to take a look top 10 Vulnerability Against IOT Devices that My cause Damage And Access control your IOT Device.
What Is IOT Device (Internet of things)
According to google The Internet of things (IoT) describes the network of physical objects—“things”—that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the Internet.
IOT Internet of things That We know Technology made our life easier day bay day Internet is thing that we can Access thing from anywhere of the world no matter where are You In simple world IOT took all Thing available Through Internet That we can easily access Which Is time consuming and easy to Produce our Work Environment. Eg: Suppose You have Bulb and every bulb has Switch that we can On off physically But IOT help In this scenario We can Control Bulb With Help of Our smartphone or PC this how actually IOT Work.
Even we Know Security — Security is one of the most critical responsibility in IoT, closely related to data ethics, privacy. It must be built-in at every step of the design of the system. millions of new devices connected every day, the number of potential points of attack grows daily So security Is also Important part for our IOT Devices which connected Through the internet .
OWASP Have Top 10 Common Vulnerability Against IOT devices What are Common Issue That may exploit against Our IOT device ?
Weak, Guessable, or Hardcoded Passwords
In every IOT Device We See And common issue Phase Hardcoded Password, Unchanged credentials, Guessable that mean an bad actor can easily Bruteforce or guess Your Password To access Your IOT devices, Which is also Critical issue that happens everyday.
Insecure Network Services
Insecure Network services running Inside Your Device or Network is accessable Publicly exposed through the internet which cause lose confidentiality, integrity/authenticity, or availability an remote attacker could take advantage of it access control your device.
Insecure Ecosystem Interfaces
In Our IOT device, A vulnerable web interface, cloud, mobile interface or API in the system may pose a threat to the device and the data within. Feeble encryption, weak filtering of input and output, lack of authorization are some of the common issues.
Lack of Secure Update Mechanism
Weak implement of Update against your device that mean transmission data in Improper communication misstape to update device it could comes with potential security issue and open door for Vulnerability .
Use of Insecure or Outdated Components
Component are very matter in our IOT device that mean use of weak or older & insecure software, framework could lead to open door for an attacker an attacker can easily exploit against those issue . This also include Insecure Configuration of your OS, hardware from third parties.
Insufficient Privacy Protection
Privacy is main concern In every device It could Your identity or Your user details. Details of the users Which not protected properly In secure manner which could leak use privacy.
Insecure Data Transfer and Storage
Data transmission through Insecure connection could lead to leak sensitive Information IoT devices transmit the data along with storing them in an encrypted format at the same time if device is not Protected against this mechanism
Lack of Device Management
Weak Security management against Device weak security Support on device That deployed our IOT devices based on asset management , Update management , system monitoring .
Insecure Default Settings
Default Setting could lead A open door for an Attacker default settings or lack the ability to make the system more secure by restricting operators from modifying configurations. To protect against our device Proper Setting Configuration Must prefer for a secure manner.
Lack of Physical Hardening
Weak physical hardening step , allow an attackers to get sensitive information that could possible for Remote attack against device in further.
Conclusion: We Discuss Top 10 common Security Risk Against Our OIT Device based on OWASP Top10 Issue . Security Is out Main concern To protect the world and serve securely your product. We will publish, How we can attack against IOT With Example Wait For Next….
Thanks For Reading……. See You In Another Blog!
Stick With Our Blog: Click Here
Author
Pallab Jyoti Borah
VAPT Analyst
