[](https://codetiger.github.io/blog/the-day-my-smart-vacuum-turned-against-me/)
## The "S" in IoT stands for "Security".
[](https://www.statista.com/statistics/1183457/iot-connected-devices-worldwide/)
[](https://owasp.org)
[](https://owasp.org/www-project-top-ten/)
notes:
* https://blog.omnetworks.com.np/owasp-top-10-understanding-the-most-critical-application-security-risks/
[](https://wiki.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=IoT_Top_10)
notes:
* https://www.appsealing.com/owasp-iot-top-10/
### #1 Weak, guessable or hard coded passwords
> Use of easily bruteforced, publicly available, or unchangeable credentials, including backdoors in firmware or client software that grants unauthorized access to deployed systems.
[](https://s1.nordcdn.com/nord/misc/0.42.0/vpn/brand/your-smart-devices-put-you-at-risk.pdf)
### Common Insecure credentials
* `admin/admin`
* `guest/guest`
* `user/password`
* `root/toor`
* `test/test`
* `student/student`
## [defpass.com](https://defpass.com/)
[](https://nordvpn.com/blog/baby-monitor-iot-hacking/)
[Hacker terrorizes family by hijacking baby monitor](https://nordvpn.com/blog/baby-monitor-iot-hacking/)
[](https://haveibeenpwned.com)
## How to Mitigate Risk?
* `.gitignore` credential/config files
* use environment variables
* when UI is available
* avoid to use default credentials!
* ask for login and password on first run!
* invalid credentials message always (don't help attacker by telling him the login is ok)
### #2 Insecure network services
> Unneeded or insecure network services running on the device itself, especially those exposed to the internet, that compromise the confidentiality, integrity/authenticity, or availability of information or allow unauthorized remote control...
```
$ nmap 192.168.1.1
Starting Nmap 7.93 ( https://nmap.org ) at 2023-12-03 18:51 CET
Nmap scan report for 192.168.1.1
Host is up (0.00057s latency).
Not shown: 998 closed tcp ports (conn-refused)
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
23/tcp open telnet
80/tcp open http
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
```
## How to Mitigate Risk?
* turn off unwanted services
* create separate network for IoT solution
* use secure communication channel
* problem with microcontrollers
### #3 Insecure ecosystem interfaces
> Insecure web, backend API, cloud, or mobile interfaces in the ecosystem outside of the device that allows compromise of the device or its related components. Common issues include a lack of authentication/authorization, lacking or weak encryption, and a lack of input and output filtering.
## How to Mitigate Risk?
* use secure and reliable authentication and authorization mechanism with auditing system
* use existing one instead of creating your own
* use encrypted communication
* use filtering of incomming and outgoing network communication on network interfaces
[](https://owasp.org/www-project-top-ten/)
notes:
* https://blog.omnetworks.com.np/owasp-top-10-understanding-the-most-critical-application-security-risks/
### #4 Lack of secure update mechanisms
## When was the last time you updated the firmware on your home WiFi router?
> Lack of ability to securely update the device. This includes lack of firmware validation on device, lack of secure delivery (un-encrypted in transit), lack of anti-rollback mechanisms, and lack of notifications of security changes due to updates.
[AEG combi microwave unusable after update: device thinks it is a steam oven](https://taketonews.com/aeg-combi-microwave-unusable-after-update-device-thinks-it-is-a-steam-oven/) (March, 2022)
### #5 Use of insecure or outdated components
> Use of deprecated or insecure software components/libraries that could allow the device to be compromised. This includes insecure customization of operating system platforms, and the use of third-party software or hardware components from a compromised supply chain.
> **Supply chain** is all the parties, processes, and sw or hw components involved in building and delivering an IoT device, where a **compromise at any stage can affect the device’s security**.
### What makes up the IoT device supply chain?
* hw manufacturer
* firmware and OS suppliers
* third-party libs
* cloud services
* production process
* distribution and OTA
## How to Mitigate Risk?
* use up-to-date libraries
* (often) check your softvare and your platform for vulnerabilities
* part of CI/CD pipeline
[](https://github.com/anchore/grype)
### #6 Insufficient privacy protection
> User’s personal information stored on the device or in the ecosystem that is used **insecurely**, **improperly**, or without **permission**.
## How to Mitigate Risk?
* store critical data securely with proper permissions
* use encryption
* use filesystem encryption
### #7 Insecure data transfer and storage
> Lack of encryption or access control of sensitive data anywhere within the ecosystem, including at rest, in transit, or during processing.
## How to Mitigate Risk?
* secure data in transfer
* encrypt data on storage
* protect data against unauthorized access (RBA, tokens, password, two factor auth.)
* check data integrity (with signatures, CRC check)
### #8 Lack of device management
> Lack of security support on devices deployed in production, including asset management, update management, secure decommissioning, systems monitoring, and response capabilities.
[](https://www.balena.io/)
[](https://docs.balena.io/learn/deploy/deployment/)
### #9 Insecure default settings
> Devices or systems shipped with insecure default settings or lack the ability to make the system more secure by restricting operators from modifying configurations.
notes:
* https://www.reversinglabs.com/blog/mirai-botnet-continues-to-plague-iot-space
### #10 Lack of physical hardening
> Lack of physical hardening measures, allowing potential attackers to gain sensitive information that can help in a future remote attack or take local control of the device.