With the proliferation of connected devices and the Internet of Things (IoT), people are starting to see security vulnerabilities ascend to new levels of potential impact.
In the last few months, the industry has experienced the first FDA recall of an implantable pacemaker for a firmware update, and a vulnerability that affects the CAN bus of all connected cars.
>See also: It’s time to take IoT security seriously
That means over 465,000 patients are being told to visit their doctor for a firmware update (doctors as patch managers!) and nearly every modern car could have its safety features, such as airbags, ABS brakes, and power steering, shut down if hackers took advantage of the security flaw – which by the way is essentially un-patchable.
The fight against malware
IoT spending is set to reach 1.7 trillion by 2021. That level of investment puts security firmly at the forefront of critical business priorities. IoT touches consumers who use wearable electronics, families buying state-of-the-art appliances, businesses using internet-connected equipment, cities installing connected parking metres, and many others.
The unfortunate reality however is that some IoT devices don’t provide a way to update software, to add new features, or to address security vulnerabilities that may get discovered, and many more don’t offer a secure mechanism to do so to ensure the authenticity and integrity of the update.
Code signing is one of the key ways to address the ongoing challenges around secure software updates, as the software update process can be used by hackers to attempt to introduce malware. Long recognised as an essential part of good software hygiene, code signing is a method to prove the origin and integrity of executable software, or more generally any file.
In practice, the creator of the file creates a digital signature of a hash of the file using a private signing key. Users can, then, obtain the originator’s associated public key and digital certificate and use it to validate that the party purporting to have created the signature in fact did so, and that the payload has not been modified since.
It’s an intelligent way to protect companies, brands, partners, and users from the dangers of unauthorised software.
Code signing’s Achilles heel
The biggest threat to a code signing system is the security of the private signing key. Although it is often encryption keys that get all the attention as the latest data security breach hits the press, signing keys can be just as valuable if not more so.
Unfortunately, signing keys are sometimes not as tightly controlled as encryption keys, and in some cases may be left in the hands of software developers who are not well versed in secure key management practices.
One solution to this is to protect signing keys with certified hardware security modules (HSMs), and to develop workflows with appropriate approvals as part of an overall software release process. Code signing with well-protected signing keys is one of the best weapons against the introduction of malware and will be very important for IoT devices.
In addition to code signing, organisations need to ensure rigorous testing of devices is a vital part of their security program. As cyber attacks become more sophisticated, some organisations have started opening up their product testing to the public as a means to test their defences and rewarding those that find issues accordingly.
This approach helps them expose products to more comprehensive testing from a much wider community, ultimately resulting in better QA and hopefully fewer security issues.
Securing the future of IoT
Experts predict that there could be as many as 30 billion connected devices worldwide within the next three years, a number that is set to reach 80 billion by 2025. With the advent of IoT, securing connected devices has never been more important. But many devices continue to be built without even the most basic of protections.
While a secure software update process using code signing is a well-established best practice in enterprise security, some IoT devices lack any update capability at all, let alone a secure one.
Additionally, many IoT devices ship with default passwords that users are not required to change, opening the door to unwanted administrative logins from remote attackers.
Particularly in the consumer device world, where flashy features and low prices – as opposed to security – tend to drive buying behaviour. This is a big problem that’s not going away anytime soon.
>See also: IoT security needs to be enhanced
An important piece of the puzzle in today’s environment is to focus on software security; develop with best practices, test for vulnerabilities, and ensure there is a mechanism to ensure authenticity and integrity of software updates over time.
A big part of software security is to protect the often-forgotten private signing keys – the lynchpin of a secure software delivery process. Protecting those keys in an HSM as described above and putting proper access controls and approvals in place to use them protects not only the user of the device but also the company that produces it, and is responsible for its software.
If a private signing key is stolen, a perfectly legitimate signature that will pass all verification can be placed over a completely illegitimate malware payload, with any number of consequences from there.
As hyper-connectivity continues to transform how people live, work and play, staying one-step ahead of cybercriminals will never be without its challenges. The recent vulnerabilities in pacemakers and connected cars only scratches the surface of potential IoT security risks, and illustrates new and dangerous levels of impact.
Fast forward ten years and the predicted IoT-run world could look very different if protection isn’t prioritised. As an industry, now is the time to enforce basic safety and security measures to ensure devices are used for their intended purpose, and not as play-things for cyber attackers. It’s the only way to continue the advancement of IoT and for us to truly benefit from it in the digital era.
Sourced by John Grimm, senior director of IoT security strategy, Thales eSecurity
The Women in IT Awards is the technology world’s most prominent and influential diversity program. On 22 March 2018, the event will come to the US for the first time, taking place in one of the world’s most prominent business cities: New York. Nominations are now open for the Women in IT USA Awards 2018. Click here to nominate