Securing Your Internet of Things
Hi all! I’m Aaron and I’ve worked in Information Security (Infosec) for over 20 years. I’ve been a big fan of Nicole’s, Claire’s, and Ryan’s blog posts since Pure Geekery started, and thought I would try and write a guest post on my own.
I read Nicole’s post about home automation and got very excited for two reasons.
- I’ve been wanting to get into automating my exterior lights based on different conditions, time of day, occupancy, etc.
- Home automation is part of the “Internet of Things” (IoT), which is a fancy term for devices that never used to have Internet connectivity but now do. It includes home automation, but also things like gas pumps, traffic cameras, and other important public infrastructure. This has been a big topic for discussion in the infosec community that has started gaining visibility in the mainstream media.
I started talking with Nicole about this on Facebook and we discussed a few points about how I would architect a network to allow the IoT devices to communicate but protect your more sensitive data at the same time. Basically, I think that having a separate network at home for these devices greatly reduces the amount of risk of compromise.
My concern is that IoT devices have the most basic networking (and security) capabilities built into them. They’re designed to get on a network and talk to each other along with phoning home to send data and get configurations/etc. Since they don’t have a lot of processor and memory, you typically don’t see things like firewalls or access control restrictions (who can access what) on these devices. As such, it’s much easier for an attacker to compromise the device via the network.
A note about risk: I’m not concerned with the aspect of someone attacking your home automation to break into your house, open locks, disable alarms, etc. It’s way easier to break a window, go through an unlocked door, or use other more common physical intrusion scenarios. The risk I’m talking about is the risk of someone gaining access to your data without you knowing about it.
While some attackers compromise systems to gain sensitive information like banking logins, many others just want your bandwidth and computing power so they can sell it to other attackers to send spam, attack other networks, and so on. Another valuable set of data is your habits: what you do in your house, how often you leave and come back, what times of day the house is unoccupied, and even audio/video captured within your house (if the device is capable). This type of data is very valuable to marketing and sales agencies as well as criminals that might want to use this data for profiling people.
Most people have a wireless network at home, either provided by the ISP’s modem or added on themselves. If all the devices connect to the same network name (SSID), and nothing on the access point prevents them from talking to each other (client isolation), then there’s the risk that an infected computer can start looking at what else is on the network to attack.
One possible solution is to segment your network. Some access points or routers can use multiple SSIDs for different purposes. If this is on the ISP-provided router, then there should be settings where you can prevent different SSIDs from talking to each other. Here are a few resources talking about how to do this with TP-Link and Ubiquiti AP/routers.
You could also purchase a cheap wireless access point, or router, and use it only for your home automation or other non-computing devices (like Roku, AppleTV, Smart TVs). This will require a bit more setup and maintenance to keep the two networks from seeing each other, such as access control lists or firewall rules. An easy way to do this is to use a router that is compatible with the free DD-WRT firmware. With DD-WRT you can offer both multiple wireless networks (SSIDs) and VLANs (Virtual Local Area Networks), which allow you to set up multiple virtual network segments over the same wire. DD-WRT is an excellent basis for building a new segmented network.
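
To make the "firewall rules" part concrete, here is an added example (not from the original post, and not DD-WRT's own code) of iptables rules for a Linux-based router that let the main LAN reach the IoT segment while blocking connections the other way. The interface names `br0` (main LAN) and `br1` (IoT) are assumptions, and the script only prints the rules unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example: print iptables rules that separate an IoT segment from the main LAN.
# Assumed interface names (not from the post): br0 = main LAN, br1 = IoT network.
LAN_IF="${LAN_IF:-br0}"
IOT_IF="${IOT_IF:-br1}"

iot_isolation_rules() {
    lan="$1"; iot="$2"
    # Refuse empty names or shell metacharacters: the output may be piped to sh.
    for n in "$lan" "$iot"; do
        case "$n" in
            ""|*[!A-Za-z0-9._-]*) echo "bad interface name: '$n'" >&2; return 1 ;;
        esac
    done
    [ "$lan" != "$iot" ] || { echo "LAN and IoT interfaces must differ" >&2; return 1; }
    # FORWARD 1-3: LAN may open connections to IoT devices; IoT may only send
    #   replies on those connections; anything else from IoT to LAN is dropped.
    # INPUT 1-4: IoT devices may use the router for DHCP and DNS only; new
    #   connections to the router itself (admin page, SSH) are dropped.
    # Internet access for the IoT segment is left to the router's existing rules.
    cat <<EOF
iptables -I FORWARD 1 -i $lan -o $iot -j ACCEPT
iptables -I FORWARD 2 -i $iot -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 3 -i $iot -o $lan -j DROP
iptables -I INPUT 1 -i $iot -p udp --dport 67 -j ACCEPT
iptables -I INPUT 2 -i $iot -p udp --dport 53 -j ACCEPT
iptables -I INPUT 3 -i $iot -p tcp --dport 53 -j ACCEPT
iptables -I INPUT 4 -i $iot -m state --state NEW -j DROP
EOF
}

# Dry run by default; APPLY=1 (as root on the router) loads the rules.
rules=$(iot_isolation_rules "$LAN_IF" "$IOT_IF") || exit 1
if [ "${APPLY:-0}" = "1" ]; then
    printf '%s\n' "$rules" | sh
else
    printf '%s\n' "$rules"
fi
```

These rules cover traffic routed between the two segments; devices sharing one SSID still need client isolation on the access point to be kept apart from each other.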
No matter which way you end up doing it, it’s good to be aware of the risks and pitfalls of having these two different systems on the same network.