Keysight IoT Security Assessment

Download as pdf or txt
Download as pdf or txt
You are on page 1of 13

SOLUTION BRIEF

Keysight IoT Security


Assessment
The Security You Need for a Connected World
Are You Prepared for the Growing Risk
to IoT Devices?
As the number of IoT devices worldwide continues to grow, so do the risks. The number of IoT
devices will almost triple from 9.7 billion in 2020 to more than 29 billion in 2030.1

A recent report by Zscaler’s ThreatLabz revealed a 400% increase in IoT malware attacks in 2023
compared to the previous year.2 This increase is an indication of the expanding role IoT devices
play in our everyday lives. Additionally, research indicates that cybercriminals are targeting legacy
vulnerabilities, with 34 of the 39 most popular IoT exploits specifically directed at vulnerabilities that
have existed for over three years.

Can you detect all IoT vulnerabilities including firmware?

Are you adequately equipped to conduct comprehensive testing of IoT devices in the face of this
growing threat? Are you able to detect all vulnerabilities on your IoT devices ?

Firmware analysis has never been an easy job due to the diversity and closed nature of the
environment. The absence of necessary interfaces and constrained hardware resources make
firmware invisible to network-based security tools. This invisibility makes firmware vulnerabilities
harder to detect and, consequently, more challenging to address.

Failing to take action could result in significant costs.

Are you ready for IoT device standards and specifications?

Several institutions are leading the way to introduce cybersecurity standards and labeling
requirements for IoT devices. Notable examples include the European Telecommunications
Standards Institute (ETSI EN 303 645), the National Institute of Standards and Technology (NIST
IR 8425) in the United States, and the International Organization for Standardization/International
Electrotechnical Commission (ISO/IEC ISO 27402).

1
Statistic 2023 IoT connected devices worldwide 2019-2030 | Statista https://www.statista.com/statistics/1183457/iot-
connected-devices-worldwide/
2
Zscaler ThreatLabz 2023 IoT and OT Threat Report, https://www.zscaler.com/press/zscaler-threatlabz-finds-400-increase-
iot-and-ot-malware-attacks-year-over-year-underscoring

Keysight IoT Security Assessment | 2


Some countries, including the United States, are implementing IoT device security requirements
across various sectors. Among others, these requirements encompass the consumer, transportation,
and energy sectors for example, with initiatives such as the Cyber Trust Mark for Consumer IoT
devices, TSA for Pipeline Operators, CMMC 2.0 for Defense Contractors, and UL 2941 for Distributed
Energy Resources.

As IoT cybersecurity standardization and labeling requirements intensify and compliance deadlines
loom, are you ready?

High profile examples of IoT device vulnerabilities

Over the years, there have been numerous high-profile IoT attacks across various industries. Even
back in 2007 when cyberattacks did not make the daily news, the Stuxnet IoT attack on an Iranian
uranium purification plant gained control of different machines, resulting in damage to uranium-
enrichment centrifuges. Five years later, in 2012, TrendNet's webcams were hacked, causing a
massive breach of privacy as live feeds from thousands of users' webcams were streamed online.
In November 2016, cybercriminals even took control of the heating systems in two buildings in
Finland, posing a significant risk to life.

In 2021, a breach involving 150,000 Verkada security cameras exposed day-to-day activities within
banks, government departments, and large corporations. These incidents not only raise concerns
about the security of IoT devices but also their potential impact on personal privacy.

More recently in 2023, Amazon was ordered to pay over $25 million to settle allegations that it
violated children's privacy rights with its Alexa voice assistant, and Amazon's doorbell camera unit
Ring was fined $5.8 million after giving employees unrestricted access to customer data.

These cases underscore the ongoing challenges surrounding IoT security and data privacy. It’s only a
matter of time before the next big cyberattack makes the headlines.

Keysight IoT Security Assessment | 3


Insufficient testing costs you time and money

When you discover critical vulnerabilities, you must scramble to address flaws and rush updates,
while you potentially face brand damage, expensive recalls, and compliance risk. It is very difficult
to update devices in the field, and many will maintain factory default configurations, which
poses a security risk. Some vulnerabilities often lurk in third-party Systems-on-Chip (SoC). These
issues are notoriously difficult to find, and you often cannot fix them directly. We understand that
comprehensive IoT device testing may appear difficult and costly, and that you may be concerned
your organization does not have the right skills. That is where Keysight can help.

Keysight IoT Security Assessment | 4


Discover Known and Unknown
Vulnerabilities in IoT Devices
Keysight's IoT Security Assessment product is being used in the discovery and validation of
significant IoT devices vulnerabilities such as Sweyntooth and Braktooth. For example, Keysight’s
IoT Security Assessment helped researchers find previously unknown security flaws that could have
impacted millions of connected devices, prompting the U.S. Food and Drug Administration (FDA) to
issue an urgent safety communication.

Comprehensive, automated IoT testing


Keysight makes IoT device testing easy, by giving you automated testing of multiple standards with
a simple user interface and API. It also makes it fast, so you can quickly find security flaws. Testing
is comprehensive and updated with the latest threats, to help you discover firmware vulnerabilities,
protocol flaws, weak encryption and guessable passwords.

Unlike disparate solutions which require users to assemble and separately manage multiple tools,
Keysight’s IoT Security Assessment combines traditional vulnerability assessment with industry
leading protocol fuzzing as well as our new firmware analysis under an integrated user interface (UI)
or REST API. This solution also includes comprehensive reporting on discovered security flaws.

Those include Open Web Application Security Project (OWASP) vulnerabilities such as weak
authentication and encryption, expired certificates, Android vulnerabilities and Android debug (ADB)
exposures, known common vulnerabilities and exposures (CVEs), and embedded flaws in protocol
stacks. Additionally our new automated IoT Firmware Analysis module provides insights into the
software bill of materials and vulnerabilities of IoT Firmware and actionable insights to improve it.

Keysight IoT Security Assessment | 5


Keysight’s IoT Security Assessment scans any connected devices you’re building or deploying, and
reveals potential vulnerabilities via detailed security reports.

Figure 1 is an example of the user interface showing recent scenarios. With a simple press of a
button, you can run automated tests to see the results and re-run tests that fail.

Figure 1. Keysight IoT Security Assessment

For more Information

See a demo of how the IoT Security Assessment tool can simulate a potential attack on
a pulse monitor: https://www.keysight.com/us/en/assets/3123-1478/demos/healthcare-
demo.mp4.

Keysight IoT Security Assessment | 6


IoT Security Assessment

IoT Security Assessment is a modular, expandable system supporting a very large range of tests.
The system tests for multiple security flaw parameters, from firmware and Bluetooth protocol
vulnerabilities embedded in the supply chain to weak passwords and outdated encryption. It applies
across a wide spectrum of use cases.

Firmware Analysis (NEW)

• Analyzes binary firmware files to generate Software Bill of Materials (SBOM, detect vulnerabilities
and weaknesses, and identify potential 0-days.

Protocol Fuzzing

• Provides industry leading fuzzing, which accelerates discovery of unknown flaws in protocol
stacks and chip sets.

Vulnerability Assessment

• Scans devices against a growing list of known threats and vulnerabilities.

Compliance Testing

• Evaluates target against specific requirements such as encryption, open ports, certificate
validation.

Firmware Analysis

Traditional security assessments solutions typically focus on network and application vulnerabilities,
leaving the firmware relatively unchecked. This oversight can lead to significant security risks as
attackers may exploit firmware vulnerabilities to gain unauthorized access or control over devices.
Given the critical role of firmware a dedicated approach to firmware analysis is necessary.

Our new Firmware analysis module addresses this gap. The solution can identify vulnerabilities
directly within the device's operating code that includes everything from extracting the Software
Bill of Materials (SBOM) to uncover associated vulnerabilities, detecting hard-coded credentials
that pose unauthorized access risks, pinpointing configuration flaws, identifying weak or expired
cryptographic keys and certificates, to finding vulnerable scripts and binary code.

Keysight IoT Security Assessment | 7


Figure 2 is an example of the user interface showing Firmware analysis. With a simple press of a
button, you can upload firmware, analyze it and run automated tests.

Figure 2. Keysight IoT Security Assessment – Firmware analysis module

Table 1: Example of Firmware Analysis Features

Category IoT Security Assessment Firmware Analysis

Firmware Security • Detection of Hard-Coded Credentials


Analysis • CVE Detection
• Configuration Flaws Analysis
• Analysis of Cryptographic Practices
• Script Vulnerability Identification

SBOM Generation • Identifying open-source components, like embedded OS and libraries.


SCA • Generating Software Bill of Materials (SBOM) automatically in SPDX
and CycloneDX formats.
• Supports 400+ key embedded system components, with ongoing
updates.

Binary Analysis • Attack surface analysis


SAST • 0-day vulnerability discovery

Keysight IoT Security Assessment | 8


Examples of Keysight protocol and application layer tests

The following table highlights just a few examples of our protocol and application layer tests.

Table 2: Example Protocol and Application Layer Tests

Testing Category IoT Security Assessment Tests

Wi-Fi • Wi-Fi Capture Deauth, Wi-Fi – Capture Assoc, Wi-Fi – Crack Password with
Pcap file
• Wi-Fi – PoC of CVE-2019-15126 kr00k vulnerability, Wi-Fi – Encryption check
• Wi-Fi Exploit - Zero PMK attack, Wi-Fi Exploit - EAP client crash

O-RAN • STC-7-7.2-001 – Port scanning, STC-6-002 – Fallback SCSV Scan


• STC-8-8.2-001 – Web App Vulnerability Scanning
• STC-6-002 – Certificate Information, STC-6-002 – TLS v1.3 Ciphers Scan
• STC-6-002 – Heartbleed Scan, STC-6-002 – ROBOT scan

CAN bus • CAN Identify Modules, CAN – Get DTCs, CAN – Read DIDs
• CAN – Check Auth Seed, CAN Flood, CAN Send Message
• CAN Probe, CAN Get Vehicle Info

Bluetooth® • Bluetooth Low Energy – Scan, Bluetooth – SDPTOOL


• Bluetooth – Blueborne Linux BlueZ memory leak
• Bluetooth – Blueborne Android memory leak, Bluetooth – L2ping DoS

Android • Adb – List Devices, Adb – Reboot, Adb – Screenshot, Adb – Read File
Debug • Adb – Check Root, Adb – List Apks, Adb – Download File
• Adb – Popup, Adb – Apks Vulnerability Scan, Adb – List system users

TLS/SSL • TLS/SSL Analyzer – Run all scans, TLS/SSL Analyzer – TLS v1.0 Ciphers Scan
• TLS/SSL Analyzer – SSL v2.0 Weak Ciphers Scan
• TLS/SSL Analyzer – SSL v3.0 Weak Ciphers Scan

Web • Web Scanner – Full Audit, Web Scanner – OWASP Top10


• Web Scanner – Fast Scan, Web Scanner – Web Infrastructure
• Web Scanner – Bruteforce, Web Scanner – Vulnerable HTTP methods

Keysight IoT Security Assessment | 9


Why Keysight?
Keysight IoT Security Assessment provides an easy and cost-effective way for manufacturers and
vendors to test IoT devices. Our turnkey cybersecurity test and certification platform enables
automated validation through a point-and-click interface, allowing you to quickly bring new IoT
products to market without hiring a large team of cybersecurity experts.

IoT Security Assessment combines a complete suite of IoT testing, from automated firmware
analysis, vulnerability assessments and protocol fuzzing under an integrated user interface (UI) or
REST API. This comprehensive cybersecurity assessment solution ensures users are protected when
IoT devices are shipped to market. The product not only analyzes firmware that operates with an
underlying operating system but also stands out in the market by offering a specialized analysis
for Bare-Metal and Monolithic firmware. This unique capability allows us to extend our security
assessments beyond traditional firmware analysis. The Bare-Metal and Monolithic firmware analyzer
employs static code analysis and targeted code emulation techniques, enabling it to identify a wide
range of vulnerabilities.

Device manufacturers and vendors can use our automated IoT testing and validation platform to
comply with international cybersecurity standards such as ETSI EN 303 645 and country-specific
labeling requirements such as the Cyber Trust Mark.

Keysight IoT Security Assessment | 10


Keysight inspires and empowers innovators to bring world-changing technologies to life. As an
S&P 500 technology company, we deliver market-leading design, emulation, and test solutions to
help engineers develop and deploy faster with less risk, throughout the entire product life cycle.
Headquartered in California and operating in over 100 countries, with over 15,000 employees and
over 30,000 customers, Keysight’s total FY23 revenue exceeded $5.46 billion.

With 20+ years of network and security excellence, our global Application and Threat Intelligence
(ATI) Research Center keeps current on all the latest threats. Our ATI global team of security analysts
monitor and analyze emerging threats to help you stay a step ahead of cybercriminals.

As our team discovers new vulnerabilities and attacks, we keep IoT Security Assessment up to date
to incorporate emerging threats and additional functionalities. The security landscape is constantly
shifting, with a nonstop stream of new threats and vulnerabilities for device manufacturers to
contend with. Fortunately, Keysight has a solid track record and extensive experience in assessing
the security of networked devices.

Keysight IoT Security Assessment | 11


Helping to shape the world of IoT

Keysight is a member of multiple industry standard bodies including the Technological Advisory
Council (TAC) for the Federal Communications Commission (FCC) and Industry consortia (IOWN,
NextG Alliance, QED-C). We are also a member of the O-RAN Alliance WG11, creating automated
cybersecurity certification testing for WG11 standards.

Keysight is one of only a few select technology vendors and the only testing solution provider invited
to participate in a 2023 White House initiative to improve IoT security. The U.S. Cyber Trust Mark for
consumer IoT devices, an IoT labeling program, outlines a set of cybersecurity standards for smart
devices that requires devices to pass cybersecurity tests and provide data usage transparency. The
National institute of Standards and Technology (NIST) and the Federal Communications Commission
(FCC) devised the cybersecurity standards for the program.

Figure 3 shows the Keysight IoT Security Assessment for automated IoT compliance testing. Against
certain compliance testing requirements, you can see the severity of your devices' vulnerabilities,
whether they pass or fail, and it can help you certify your IoT devices.

Figure 3. Keysight IoT Compliance Testing Assessment

Keysight IoT Security Assessment | 12


Conclusion
If you are building or deploying any kind of connected device, you need to know what you’re up
against. Otherwise, you may fail to address potential threats before they cause real deployment
problems. Contact Keysight to learn how IoT Security Assessment can accelerate your testing and
certification tasks, minimize risk, and accelerate your time to market..

For more information, visit: https://www.keysight.com/zz/en/products/network-security/iot-security-


assessment.html

Keysight enables innovators to push the boundaries of engineering by quickly solving


design, emulation, and test challenges to create the best product experiences. Start your
innovation journey at www.keysight.com.

This information is subject to change without notice. © Keysight Technologies, 2023-2024,


Published in USA, April 25, 2024, 7123-1102.EN

You might also like