Chapter 13 - 02 - Discuss the Security in IoT-enabled Environments - 03_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
loT and OT Security

IoT Device Management
OQO 10T device management helps in supporting loT solutions by using any software tools
and processes and helps in onboarding latest devices securely and promptly
[—— -]

Azure IoT Central
IoT Device
Management Solutions BEMESIOHIEoR
e |
& rogmind - Ovrien
» Oracle loT Asset Monitoring Cloud st
https://www.oracle.com AECEECI C s mostern........... reeretstera... as Py
I;r— 1
"y e
::.4 O ey
»» Predix
Predix - = e Panan
[oms ®® oo ¢¢ @6 585 >N
https://www.ge.com — 5
5= e
Py [ '
o z @ '
» Cloud loT Core o Theast detection
Theast detection
https://cloud.google.com
= -L o [E ) Sv———"
berennis wnairy b WW M
Mt ebt s
e b. 9 Ovre n [y I k4 252
» 1BM
|BM Watson loT Platform 0 Ih T h e >
https://www.ibm.com I5e LU

» AT&T loT Connectivity Management
https://www.business.att.com
hteps:/fazrure.microsoft.com
https://azure.microsoft.com.

cll. All Rights Reserved. ReproductionisIs Strictly Prohibited

IoT Device Management
loT device management helps security professionals to track, monitor, and manage physical lIoT
devices from a remote location. Security professionals can use solutions such as Azure loT
Central, Oracle loT
10T Asset Monitoring Cloud, and Predix to perform loT IoT device management.
These solutions allow security professionals to update the firmware remotely. Further, loT
device management helps in providing permissions and enhancing security capabilities to
ensure protection against various vulnerabilities.

loT device management can be very supportive in preventing loT attacks as it can provide:

= Proper authentication, as only trusted and secure devices with proper credentials are
enrolled

= Accurate configuration, controlling devices to ensure proper functionality and improved
performance. It can also reset the factory settings during device decommissioning.
= Proper monitoring to detect flaws and diagnose operational issues and software bugs
through program logs

= Secure maintenance of remote devices and frequent device updates with the latest
security patches

loT Device Management Solutions
loT device management solutions are used by security professionals, IT admin, or loT
administrators for onboarding, organizing, monitoring, and managing loT devices.

Module 13 Page 1586 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
loT and OT Security

Discussed below are some loT device management solutions:

= Azure loT Central

Source: https://azure.microsoft.com

Azure loT Central is a hosted, extensible software-as-a-service (SaaS) platform that
simplifies the setup of 10T solutions. It helps to easily connect, monitor, and manage loT
assets at scale. Azure |loT Central can simplify the initial setup of an loT solution and can
reduce the management burden, operational costs, and overheads of a typical loT
project.

Microsoft Arure

w rogm-hub.’ rtogm-hub - Overview

Threat prevention

Automanc Devae Marsgemant Hew'th moritenng
B Ovice recomme. ndations -
Most prevalent devece
N e recommendatony
55

2
® 612 @ 55
b Q- 1
O 17

Threat detection

B Oevice vecurity slerts T Revource vecurity alerty ® Most attached deveces
——
| | 439 4 & e 2852 e
-
1
|| | I 'HG
@ Moo 2 i
lZ 3K 4
B Advace
B Secunty Conter
Cont Management + &

Figure 13.10: Screenshot of Azure loT Central

Listed below are some of the additional solutions for loT device management:

= QOracle 10T Asset Monitoring Cloud (https.//www.oracle.com)
* Predix (https://www.ge.com)
* Cloud loT Core (https://cloud.google.com)
= |BM Watson loT Platform (https://www.ibm.com)
= AT&T loT Connectivity Management (https://www.business.att.com)

Module 13 Page 1587 Certified Cybersecurity Technician Copyright © by EG-Gouncil
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
loT and OT Security

IoT Security Best Practices

1 2 3 4
————
e — | ————————
—————— -. 1 |E—
—
Disable the “guest” Use the “Lock Out” Implement strong Locate control system
and “demo” user feature to lock out authentication networks and devices
accounts if enabled accounts for excessive mechanisms behind firewalls and
invalid login attempts isolate them from the
business network

S 6 4Z 8
[ ————— [ e |S—

Implement IPS and Implement end-to-end Use VPN architecture Deploy security as a
IDS in the network
1DS encryption and use for secure unified, integrated
Public Key communication system
Infrastructure (PKI)

IoT Security Best Practices
Disable the “guest” and “demo” user accounts if enabled
Use the “Lock Out” feature to lock out accounts for excessive invalid login attempts
Implement a strong authentication mechanism
Locate control system networks and devices behind firewalls, and isolate them from the
business network

Implement IPS and IDS in the network
Implement end-to-end encryption and use public key infrastructure (PKIl)
Use VPN architecture for secure communication
Deploy security as a unified, integrated system
Allow only trusted IP addresses to access the device from the Internet
Disable telnet (port 23)
Disable the UPnP port on routers

Protect the devices against physical tampering
Patch vulnerabilities and update the device firmware regularly
Monitor traffic on port 48101, as infected devices attempt to spread the malicious file
using port 48101

Module 13 Page 1588 Certified Cybersecurity Technician Copyright © by EC-Gouncil
EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
loT and OT Security

= Position of mobile nodes should be verified with the aim of referring one physical node
with one vehicle identity only, which means one vehicle cannot have two or more
identities

= Data privacy should be implemented; therefore, the user’s account or identity should be
kept protected and hidden from other users

= Data authentication should be performed to confirm the identity of the original source
node
= Maintain data confidentiality using symmetric key encryption

= Implement a strong password policy requiring a password at least 8—-10 characters long
with a combination of letters, numbers, and special characters

= Use CAPTCHA and account lockout policy methods to avoid brute-force attacks

= Use devices made by manufacturers with a track record of security awareness

= |solate loT devices on protected networks

Module 13 Page 1589 Certified Cybersecurity Technician Copyright © by EG-Gouncil
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
loT and OT Security
10T

IoT Security Tools
Bevywise IoT Bevywise loT Simulator is an intelligible simulation tool to simulate tens of ‘
Simulator thousands of MQTT clients in a single box

SeaCat.io
SeaCat.io \\

©0&1
Dovies Do [N
oevice Dotaits [ 0
71 ST
EXS @0 https://teskalabs.com
https://teskalabs.com

Device Property Value
Client Name AS3
A4 New
Now Device
Devies Details
Dessite %* Gingertroad
naartre
i [ : DigiCert loT
10T Security Solutions
Clent
Client Deseription
Dascription Onece Name
Ouvce Narme rrones
=== [
ee https://www.digicert.com
https://www.digicert.com
H
WILL Topic
WILL Topic Cwen Dencripnion
Dweca Deacrpnin

WILL Message Lk
ik JRR—
[IRR——- o
WILL Retain e
T ——
\onere Sevce Bren f©)
é@b FortiNac
FortiNAC
net.com
et Gos
Wt Gos e Jq : Syt
< https://www.fortinet.com
https://www.forti
Mossages
Mossagos Publish Wil
Wl Retaiy
Retab OCnar Roten fug
0 Cinar Roisn Pag _]_J [+
[+] i

® O«
Tepic
Tepic
Darktrace
Oo
race.com
https://www.darktrace.com
https://www.darkt
Subscribed Topics [+
[+]

Subscribe On
Subscribe On
Subicribed Topic
Subscribed Topic QoS
Qo
Cisco loT Threat Defense
Hour Minute Se
https://www.cisco.com
members/arrival
members/arral ©O AMtmost
Mtmost Orce
Once 1 1 1

https.//www.bevywise.com )@

Copyright © by EC-Councll.
Copyright EC-{ cll. All Rights Reserved. Reproductionis Strictly Prohibited
Prohibited.

IoT Security Tools
The 10T
loT is not the only range of devices connected to the Internet, but it is also a very complex,
rapidly growing technology. To understand and analyze various risk factors, proper security
solutions must be incorporated to protect the |oT loT devices. The use of 10T security tools helps
organizations to significantly limit security vulnerabilities, thereby protecting the loT devices
and networks from different kinds of attacks.
Bevywise loT Simulator
Source: https://www.bevywise.com

Bevywise loT Simulator is an intelligible simulation tool to simulate tens of thousands of
MQTT clients in a single box. It can be used to develop, test, and demonstrate loT
servers and managers. loT Simulator can be configured to send real-time messages
within a range or from a random set of values based on the time and client. Further, it
can simulate dynamic messages in two message formats, namely, TXT and JSON, like
real-world loT
10T devices. For flexibly varying the data published in every sequence and to
make the data in sync with the real device, 10T Simulator supports four types of dynamic
values to be sent as a part of messages: system variable timestamp and client identifier,
random, range, linear, and constant. 10T events can be configured with a predefined
loT
dataset by uploading a CSV file.

Module 13 Page 1590 Certified Cybersecurity Technician Copyright © by EG-Gouncil
EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
loT and OT Security

loT-Simulator

Device oetals [ [ °
Device Property Value
Admin_Laptop
Add New Device Details
Client Name 8- GingerBread
Employees_Agent
Client Description Device Name tion
Iphone
Iphono
Fan_Agent 3
WILL Topic Device Description
mobile

Hall_Light_Agent WILL Message Will Tople
WILL Message connection/status

Will Message
Iphone device cown
Heater_Agent WILL Retain
Will QoS
0-Armost once j
JO_Android_Moblle
Messages Publish Will Retain
0-Cloar Rotain flag j e
o
JO_lphone
JD_lphone
Topic

Kitchen_Light_Agent
Cancel
&
4]
MD_Androld_Moblle
MD_Android_Moblle
Subscribed Topics
@
MD_Car_Agent
Subscribe On
Subscribed Topic QoS
Hour Minute Se

members/arrival 0-Atmost Once 1 -1 1

Figure 13.11: Screenshot of Bevywise loT Simulator

Listed below are some of the additional 10T security tools and solutions:

= SeaCat.io (https://teskalabs.com)
= DigiCert 10T
loT Security Solutions (https://www.digicert.com)
=» FortiNAC (https.//www.fortinet.com)

= Darktrace (https://www.darktrace.com)
= Cisco loT Threat Defense (https://www.cisco.com)

Module 13 Page 1591 Certified Cybersecurity Technician Copyright © by EG-Gouncil
All Rights Reserved. Reproduction is Strictly Prohibited.