Evaluating the risks of interaction between physical devices and internet connectivity
Evaluating the risks of interaction between physical devices and internet connectivity
Internet of Things (IoT) is anything that has internet based connectivity extended to physical devices/systems. This varies from a vehicle to daily use devices such as washing machine, microwave, coffee makers, webcam, and smart toys. The convergence of IT and OT adds new dimension to the risk profile of organisations attempting to scale productivity and automate tasks.
Get the security insights into this tech where many manufacturers forget security by design approach; introduce vulnerabilities unintentionally during development, or other broad range of vulnerabilities.
IoT adoption continues to scale at exponential levels. However various part of the IoT ecosystems is not developing at the same speed. One of these is cybersecurity. We help our customers to understand the unique risks offered by the IoT landscape, and how Defendza's guidance would help them overcome these risks.
Another reason relates to convenience and cost-saving benefits in IoT technologies, followed by lack of secure by design awareness amongst manufacturers. Security researchers displaying the simplest of issues in the smart products have exemplified this multiple times.
The assessment-execution phase is followed by the analysis & reporting. Defendza performs analysis on the testing output, evaluates the risk impact and likelihood of exploitation in realistic scenarios before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels.
Web server hosting of the application is also considered a vital component during this testing. A weakness in supporting infrastructure including the configuration of the webserver could lead to a slight compromise of the application hosted on it.
Event logging provides you visibility into the operation of your device and the network into which it is deployed. We review how the logs are configured and stored for all the devices under review
The very purpose of security is to be proactive and make it challenging for a threat actor attempting to compromise your network. This might not be enough and you need to able to detect the actual breaches as they are being attempted. Reviewing logs regularly could help identify malicious attacks on your device or network in general.
We review ACL's / rules applied in the device configuration to ensure no additional or inappropriate files have been configured. This also includes identifying any inactive or disabled rules.
Devised to prevent unauthorized direct communication to network devices, infrastructure access control lists (ACLs) is one of the most critical security controls that can be implemented in networks. Infrastructure ACLs leverage the idea that nearly all network traffic traverses the network and is not destined to the network itself.
As part of the audit, we review the device operating system and version in use. We review the patching policy and if the device under review is part of this policy as well.
A patch management policy is important for keeping your system's security regularly updated. Patch management involves obtaining, testing, and installing several patches to the computer system to keep it safe against malware attacks. The tasks carried out during patch management include: keeping up to date on which patches are available, determining what patches are right for your system, making sure that these patches are properly installed, testing your system after installation, and documenting all related procedures.
We analyse the underlying device for excessive and unnecessary services, default access credentials, management services (such as Telnet and SSH), and general configuration.
As a security best practice, any unnecessary service must be disabled. These unneeded services, especially those that use User Datagram Protocol (UDP), are infrequently used for legitimate purposes but can be used to launch DoS and other attacks that are otherwise prevented by packet filtering.
Following the initial run, the app would create several files / data which would be stored in the app folder on the device. These files would be analysed to understand the storage mechanism. This analysis would reveal if any app sensitive data including session tokens, passwords are stored in clear text on the device itself.
The mobile device will be configured to route its connection to the server using a local HTTP proxy. This will enable all the network traffic to be intercepted, viewed, and modified. It will also reveal the communication endpoints between the application and the server so that they can be tested. Network traffic that is not traversing the Web and is happening at a lower layer in the TCP/IP protocol stack, such as TCP and UDP packets, will also be intercepted and analysed.
Passwords control access to resources or devices. This is accomplished through the definition of a password or secret that is used to authenticate requests. When a request is received for access to a resource or device, the request is challenged for verification of the password and identity, and access can be granted, denied, or limited based on the result.
We review the type of authentication mechanism is implemented on the device. In addition, the password policies applied on the roles and privileges /user account on the device is reviewed by analysing the password hash, if that is obtained from the device config
The management plane consists of functions that achieve the management goals of the network. This includes interactive management sessions that use SSH, HTTPS (if web interface available) as well as statistics-gathering with SNMP. When you consider the security of a network device, the management plane must be protected. If a security incident can undermine the functions of the management plane, it can be impossible for you to recover or stabilize the network.
The management plane is the plane that receives and sends traffic for operations of these functions. You must secure both the management plane and control plane of a device, because operations of the control plane directly affect operations of the management plane.
Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.
Apart from the range of commercial and open source tools available for specific testing, our team has its own custom scripts for efficient testing. We provide accurate results to make sure our clients completely understand any vulnerabilities we report.
Our teams are led by veteran security consultants accredited by CREST standards for the last several years. Our experience shows that our clients are best served by giving them the right advice for their cyber security needs. We do not believe in spreading fear, uncertainty and doubt to generate more business.
"My experience to date with Defendza has been very positive, I look for a flexible, knowledable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."
Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."
"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."
"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."
"Extremely satisfied with approach, speed and end results. Thanks."
"My experience of the Defendza team was 5 star. They were so helpful, and their technical delivery and client communication were excellent."
"Harman was great, really knowledgeable, helpful and on hand to answer any questions. The final report was very clear providing the technical information in an easy to read format which could be understood by the leaders of the business. Really enjoyed working with Defendza and look forward to working with them again in the future. Thank you!
Much of the manufacturing industry has failed to take proactive steps to defend against cyber attacks—which is a notable problem considering the growing threats the industry faces