IoT Gateways and backend system need constant monitoring to ensure IoT nodes can and do provide effect reporting and control.
The design of LoRaWAN is basically secure. But the way the gateways and nodes are configured and deployed can alter the operational effectiveness. This in turn effects the security of the systems and data.
Security risks can occur throughout an IoT system. The aim of a system designer is to prevent the exposure of the communication between the sensor and backend applications. In Vaelid™ experience issues can and do occur in operational deployments.
Monitoring of the deployed environment is critical to safe and effective deployments and this is what Vaelid™ provides.
Risks can occur in many areas including:
- The RF environment such as Interference, Multipath, Jamming, Covert Surveillance and Gateway spoofing.
- Tampering with Backend Servers and Applications
- LAS (LoRaWAN Application Servers)
- CUPS (Configuration and UPdate Servers)
- Join Application Servers
- LNS (LoRaWAN Network Server)
- NM (Network Manager Used for configuration and Statistic of Gateways)
- External Application Servers E.g. Cayenne™ Node-RED™
- Transport network between Backend and Gateways/ Packet Forwarder
- Manipulation of RF and transport protocols used between Nodes, Gateways and Applications
- Data transfer between the Sensors and Nodes
- Node or Gateway operational code open to hidden code, or side channel attacks.
- Manipulation of the Gateway information such using it to locate a target node.
Types of Attack
- Interception of traffic
- Gateway Spoofing similar to GSM “False Base-Station” attacks
- Owner spoofing in “Backend” e.g. TTN Servers
- Illegal access to Master Key Servers and then using keys for different attack vectors, often a police or government attack
- Poor of False Node applications, that have:
- Lack of hardened Security Modules
- Access to nodes via programming ports or Firmware Update Over the Air (FUOTA)
- Able to be reloaded node with Trojan / Malware in production or in field with servicing ports
- Send data or respond to downlink controls and send data to a phantom System, that acts as 2 application on the device for genuine client and one for the attacker.
Leave a Reply