Take an MCU and add Bluetooth or Wi-Fi connection to the internet and you have an Internet of Things (IoT) device, and smart devices that are connected to the internet are everywhere. Smartphones, home automation, fitness bands, and products like the Amazon Echo are all examples of IoT. The problem with millions of internet-connected MCUs is that they can be hacked. A Distributed Denial of Service (DDoS) attack is when hundreds, thousands, or even millions of independent IoT devices are hacked and instructed to ping or query a single server or collection of servers belonging to a single entity within the same time frame. The receiving server cannot answer legitimate traffic because it’s busy investigating every knock on the door. In essence, DDoS is internet censorship at the least and the shutdown of vital services at its worst.
It’s up to manufacturers, designers, and developers of IoT devices to make them resistant to hacking by providing security. Many IoT devices in current operation, including connected automotive devices, have no security in place (not even a password.) Devices can be in operation for years and continue to operate normally even when they have been compromised. A CCTV camera that records license plate data to a database in a cloud via a wireless internet connection could be sending spam in between snapshots and uploads. Essentially, the connected MCU becomes a bot on the net and may or may not operate as intended, once hacked.
What can you do? Choose to apply a difficult-to-guess password (the longer the better and use symbols if possible.) Brute force hacking is a common tactic as a hacker’s computer program tries to guess passwords based on words in the dictionary. A computer that is set up to brute force hack at high speeds can crack a simple password by trying every word in the dictionary. Another tool in the anti-hacking toolbox is secure boot. Secure boot makes sure that an MCU is designed to run only secure software. Firmware updates ae signed with a key that requires authentication by the MCU chip, so the MCU knows whether that firmware is safe to run. The code can be intercepted and examined, but it cannot be run on the MCU without authentication. Code can also be encrypted so that it cannot be examined. However, the code must be decrypted by the processor before running it.
Make sure your connected device has firmware that can be updated. Security has to start from the ground up, since adding security to an existing design is much more difficult to implement. Security is also an ongoing operation; firmware updates may be necessary later as new hacks are discovered. The new rule of thumb is to update the firmware of any internet connected device as soon as it comes out of the box.
What kinds of attacks are possible to contaminate internet connected MCUs? Physical hardware access is one way to compromise your device. Internet access isn’t always necessary, since an attack could be local to your network or as simple as inserting a contaminated SD card. Another type of attack is termed “Man in the Middle,” or MITM attack. A MITM attack occurs when anything in between your device and the server it’s trying to communicate with is the attack vector. The attack could also come from the server (cloud) that your internet-connected MCU is doing business with or uploading data to, which means that security on the server-side is also imperative. Therefore, simple web security practices are necessary.
If you are creating a personal, one-off project, simple password and secure boot may be enough. But if you plan to deploy many, or sell an IoT product, don’t store anything on external memory that isn’t encrypted and disable debug interfaces before you deploy devices to the field. Debug interfaces like JTAG leave your device open to physical hacking.
As a consumer of electronics products, you can mitigate being an IoT hack server by staying current; get on a mailing list, register your product, buy only from reputable manufacturers, and generally follow security news regarding your electronics. The Open Web Application Security Project (OWASP) is “…an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted.” The OWASP IoT Project is an effort to make it easier for everyone to understand the security issues regarding the IoT and to enable users to make better decisions regarding IoT. Material from the OWASP IoT Project is free to use and distribute.