During testing and research of IoT technology, we like to test for various fail states on the technology. What happens when things quit working the way they're supposed to work? The two states we like to test for are, one, failure of an access point, and also failure of connectivity to the internet.
The way consumer-grade IoT technology is often configured, it ties into your home Wi-Fi access point. During the initial configuration, often the IoT device will fire up its own access point that you can connect to, and then from there you can configure it. Once it's configured, at that point it'll go into a running state and connect to your home access point.
One of the things we like to test for is what happens when access to your home access point goes away. Does the device fail to actually function and lose all connectivity, which is what we would expect it to do? Or does it fail into the configuration mode? What I'm saying is, when it fails from the running state because it can't connect to the access point, does it go back into the state where it fires up its own access point? This is an issue we want to not happen, so it's one of the areas we like to test for.
Often, we've encountered a number of devices where that's exactly what happens. If something happens to the access point, or an attacker sends DDoS packets to an access point, does my technology fail into a configuration state? Within that configuration state, an attacker could easily attach to that device, gain various levels of access, or even possibly reconfigure the device.
The second fail state we like to look at is what happens when internet connectivity goes away. Normal access point functions are working and the device is connected to your internal home network, but internet connectivity goes away. Two things could possibly happen. One, I can no longer control my technology unless I'm connected to my local network, or the technology fails to function altogether.
One of our biggest concerns in this fail state is that, when this happens, the technology will drop into what's known as local mode. In the case of local mode, is the security as good as it was when it was connected to the internet? Does encryption remain in place? Does authentication to the device remain in place?
Often we found that in this case that doesn't happen. In local mode, the device is open to full access without any encryption or any authentication. These are two test points that we like to test on all IoT technology in our labs and during our paid assessments. That way we can help the manufacturers better understand the overall security model of their product and improve their technology so that they're not impacted by these two fail states.
That is this week's Whiteboard Wednesday. We'll talk to you next week. Thank you.