BMT 342: Security and Privacy in IoT - Lecture 7

Questions and Answers

What is a key benefit of regularly patching and updating software on IoT devices?

• It addresses known vulnerabilities to prevent cyberattacks. (correct)
• It enhances the visual interface of the device.
• It increases the device's connectivity range.
• It improves the device's battery life.

Which of the following regulatory standards should organizations adhere to for data privacy?

• Sarbanes-Oxley Act (SOX)
• Privacy Act of 1974
• Health Insurance Portability and Accountability Act (HIPAA) (correct)
• Federal Information Security Management Act (FISMA)

What should a comprehensive security incident response plan include?

• Incident detection, control, and recovery procedures. (correct)
• Customer satisfaction analysis.
• Emergency contact information for staff.
• Marketing strategies for the organization.

What consequence can cyberattacks on IoMT systems lead to in the healthcare industry?

Increase in medical complications. (D)

Which method is NOT effective for enhancing network security in IoT?

Regularly deleting device logs. (D)

Which cyberattack involves capturing wireless data and replaying it to gain unauthorized access?

Replay Attack (D)

What is a key consequence of a Man-in-the-Middle attack on IoMT devices?

Unauthorized access to secure data (C)

Which measure is NOT typically associated with ensuring robust security in IoT/IoMT systems?

Tampering with devices (B)

What type of attack aims to disable the functionality of IoMT systems by overwhelming them with requests?

Denial of Service Attack (B)

In the context of IoMT security, which of the following is an effective way to protect data in transit?

Data encryption (A)

Which cyberattack method involves creating fake access points to intercept sensitive data?

Rogue Access Points (A)

What is a potential outcome of a Malware Attack on IoMT devices?

Unauthorized data access (C)

Which security measure helps verify the identity of users and devices in an IoT ecosystem?

Access control (D)

Flashcards

Enhance Network Security

Protecting networks with firewalls and secure protocols like TLS to prevent unauthorized access and data breaches.

Regular Patching and Updating

Regularly updating software on IoT devices with the latest security patches to fix vulnerabilities and mitigate risk.

Security Incident Response Plan

Developing a plan for dealing with security incidents, including detection, control, and recovery procedures.

Adhering to Regulatory Standards

Adhering to regulations like GDPR and HIPAA to ensure compliance with data privacy and security standards.

Impact of Cyberattacks on IoMT

Cyberattacks on IoMT systems can have severe consequences, leading to poor patient outcomes, increased hospital stays, and even higher mortality rates.

What motivates cyberattacks on IoT/IoMT devices?

Cyberattacks target the data collected by Internet of Things (IoT) and Internet of Medical Things (IoMT) devices due to its sensitive nature and potential value to attackers.

What is a Man-in-the-Middle attack?

Attackers intercept data transmitted between IoMT devices, potentially altering it to cause harm like medication overdosing or inaccurate results.

What are Rogue Access Points?

These attacks involve creating fake Wi-Fi networks that trick IoMT devices into connecting, allowing attackers to intercept sensitive data.

What are Denial of Service (DoS) Attacks?

Attackers flood IoMT systems with excessive service requests, overwhelming them and making them unresponsive to legitimate users.

What are Malware Attacks?

Attackers introduce malicious software, such as spyware, worms, Trojans, viruses, and ransomware, into IoMT devices and systems. They exploit security flaws to gain access and potentially cause serious damage.

What are Tampering Device Attacks?

Attackers physically tamper with sensors to either partially or entirely disrupt or manipulate their functions.

Describe key security and privacy measures for IoT/IoMT systems.

These security measures strengthen the protection of IoT/IoMT systems. They authenticate users and devices, use encryption to safeguard transmitted data, and control access to the network.

How do authentication and access control measures work in IoT/IoMT?

Two-factor authentication, passwords, and biometrics are used to verify user and device identities before granting access to the IoT network.

Study Notes

BMT 342: Security and Privacy in IoT/IoMT - Lecture 7

• Objectives: To understand cyberattack types on IoT/IoMT devices, key security measures, and the consequences of cyberattacks on IoMT systems.

Introduction

• Protecting data mined by IoT/IoMT devices and sensitive data is challenging.
• IoT/IoMT devices require robust security and privacy measures to prevent cyberattacks and data breaches, ensuring ethical data collection and use.

Attack Types

• Replay Attacks: Attackers interrupt and capture wireless data to gain unauthorized access.
• Man-in-the-Middle Attacks: Attackers intercept and modify data transmission between IoT devices, potentially leading to dangerous outcomes like medication errors.
• Rogue Access Points: Attackers create fake access points to intercept traffic and gain access to sensitive data.
• Denial-of-Service (DoS) Attacks: Attackers overload systems with requests, disrupting their availability and responsiveness.
• Malware Attacks: Attackers inject malicious software into devices and systems to exploit vulnerabilities and cause damage (e.g., spyware, worms, trojans, viruses, ransomware).
• Tampering Devices: Attackers physically tamper with sensors to impair their functionality.

Security and Privacy Measures

• Authentication and Access Control: Implement robust authentication methods (passwords, two-factor authentication, biometrics) to verify user and device identities.
• Encrypting Data: Encrypt data stored and transmitted between IoT devices to prevent unauthorized access.

Security and Privacy Measures (Continued)

• Regularly Patching and Updating: Regularly update IoT devices' software to address known vulnerabilities.
• Enhance Network Security: Protect IoT networks with measures like firewalls and secure protocols (e.g., TLS).

Security and Privacy Measures (Continued)

• Adhering to Regulatory Standards: Comply with regulations like GDPR and HIPAA to ensure legal data privacy and security.
• Security Incident Response Plan: Develop a plan to handle security breaches or incidents, including detection, control, and recovery procedures.

Consequences of Cyberattacks on IoMT Systems

• Cyberattacks on IoMT systems can have serious consequences, negatively impacting patient outcomes and increasing mortality rates.
• Consequences include poor patient outcomes due to delays in tests and procedures, increased patient transfers, increased medical complications, longer hospital stays, and increased mortality rate.

Description

This quiz delves into Lecture 7 of BMT 342, focusing on various types of cyberattacks on IoT/IoMT devices. Understand security measures against these threats and the potential consequences of data breaches. Test your knowledge on topics including replay attacks, man-in-the-middle attacks, and denial-of-service attacks.