– IoT systems must be protected from threats to other networks and users (external security), as well as from threats to their users and property (internal security); [30]
– the Internet is an interconnected network of networks in which the security of each of them affects the security of the others. [30]
Let’s look at some IoT security threats:
– Malware distribution botnets can be used to attack IoT devices connected to the global network;
– Denial of service DoS attack to slow down services and discredit businesses;
– social engineering attacks aimed at illegally obtaining confidential information about users can also be exposed to devices connected to IoT;
– targeted cyber attacks in order to gain illegal control and access to the network while remaining unnoticed for a long period of time;
– ransomware virus;
– remote recording of Internet of Things users in order to obtain confidential data;
– physical damage to equipment controlled by the Internet of Things by obtaining control;
– falsification of data in order to make wrong decisions;
– digital espionage.
As you can see, information in the modern world plays a very important role, especially when it is possible to remotely control various devices or predict the implementation and manage business or technological processes, so cybersecurity issues come to the fore.
Some methods of IoT risk reduction:
– Management and control of Internet of Things endpoints by identifying and adding to the inventory of resources to reduce the likelihood of cyber attacks;
– identify the IT security vulnerability zone;
– detection of abnormal deviations in data during the interaction of devices and servers;
– using a good data encryption system and protocols;
– management control at the identity level to identify users and their actions. Authentication helps companies better understand how users access devices, which increases the level of protection against vulnerabilities and misuse.
It is worth noting that with the development of IoT, it is necessary to guarantee sufficient security of solutions, since they operate with a large amount of confidential data that directly affects the most important production processes. For this purpose, measures are carried out aimed at:
– Security of devices and sensors. Device security is implemented through device authentication, partial message encryption, and sensor firmware updates.;
– Connection protection. Ensuring the confidentiality of data and their protection from unauthorized modification is necessary when transferring data between the device and the IoT platform. Here the protection is based on Transport Layer Security (TLS) technology. At the same time, the data is encrypted to prevent unauthorized listening and understanding of the content.
1.1.3 Authentication as an important factor of the Internet of Things
It is necessary to ensure the following security properties of Internet of Things devices:
1) a reliable access and authentication system based on cryptography. Encryption is necessary to protect communication between iOS devices, and cryptographic device identifiers are needed for this. You need to make sure that only authorized users have access to connected devices;
2) cryptographic security of the software. Using the PKI system to sign the code and verify its authenticity;
