Security Testing LTE Connected IoT Devices – A Cost Effective Penetration Test

Security Testing LTE Connected IoT Devices – A Cost Effective Penetration Test

Time after time, innovative technologies have entered the market, failed to catch on initially only to find success in the second wave. One could point to social networking and the rise and fall of Myspace as an excellent example and the dot.com bubble another. The internet of things (IoT) could fall into that trap, with the current wave struggling to succeed for any number of issues, security being one of them. IoT, as we’ve pointed out on this blog on many occasions, has many upsides. Companies focused on IoT should pay close attention to areas such as security to mitigate any public failures that could impact its reputation early and cause users to think twice before adopting. Security is especially critical, given that Ericsson estimates 18 billion IoT devices by 2022!

TechCrunch covered some of the security issues in an article entitled, “Why IoT Security Is So Critical.” They highlighted the vulnerabilities of IoT, what was being done at the time, and what more was necessary.

The article highlighted popular technologies that have become IoT-enabled and thus vulnerable to these types of attacks. One example used was IoT baby monitors, which, “Could be leveraged by hackers to carry out a number of nefarious activities, including monitoring live feeds, changing camera settings and authorizing other users to remotely view and control the monitor.” Other areas of vulnerability that were discussed included driverless cars and wearable technologies.

The above are just a small list IoT devices that could be susceptible to an attack. Beyond the ability to intercept and control IoT devices, other areas of risk in the IoT world include denial of service attacks, badly constructed message formats as well as other hacks and exploits.

As recently as last year, a massive Distributed Denial of Service attack was unleashed across the US. IoT played a role, as a Chinese electronics manufacturer admitted weak security that allowed their devices to be infected with Malware.

A test to address these weaknesses is the penetration test (pen test). The penetration test creates a simulated environment to identify any vulnerabilities before hackers can. This could include probing the application to uncover any hard coded login credentials that could be used to access the device, any issues with the Wi-Fi connection that could be easily accessed, i.e. static SSID names, etc. As the result of a pen test, potential attack scenarios can be identified and addressed before the product or application is released.

When considering an LTE network, it is generally assumed that the user equipment (handsets, etc) is less secure by default, so the LTE network provider designs the network with significant protection from attacks. But, as IoT usage moves into more mission critical environments such as aerospace and public safety, the user equipment must be tested to ensure no added risk. As a result, it is important for user equipment manufacturers to perform testing. But, since the public LTE network is not accessible for purposes of testing, how to replicate that environment in the lab? 

Valid8.com offers a solution to perform penetration testing. Our technology replicates the LTE environment configured to facilitate the testing of LTE devices. An example would be firewall testing. Valid8.com creates an environment where a device attaches to a simulated network, gets an IP address (IPv4, or IPv6) and is now connected to the simulated LTE network, just like a laptop on a traditional network. From there, the device can be safely tested for any vulnerabilities.