TRƯỜNG ĐẠI HỌC HẢI PHÒNG

INTERNET OF THINGS – TYPICAL ATTACKS AND COUNTERMEASURES
(VẠN VẬT KẾT NỐI INTERNET IoT – NHỮNG VỤ TẤN CÔNG TIÊU BIỂU VÀ BIỆN PHÁP PHÒNG CHỐNG)

PhD Nguyen Tran Hung
Department of Economic Information System and Electronic Commerce
Thuong Mai University

ABSTRACT
Internet security has been the subject of much debate over the past decade. Nowadays every industry and every business sector is aware of the importance of cybersecurity; however, the effects of the 4.0 revolution have raised issues of security and secure Internet connection. At the present time, the world is at the beginning of the fourth industrial revolution, and one of its most prominent applications, the Internet of Things, has shown a strong impact on all areas and aspects of life. The core of the Internet of Things is the idea of using cyberspace as a means to improve the performance, productivity, and customization of things. Through this, data is collected and transmitted from various things, such as production line equipment, sensors in products at customer sites, sales data and more. This intense and continuous impact of the Internet of Things has expanded the complexity of data and information security as things connect in the future. In an effort to shed light on the development of Internet security while the Internet of Things, a typical application of the 4.0 Industrial Revolution, is developing robustly, this article tries to identify the security risks in a connected business. The main purpose of this article is to show that the emergence of the Internet of Things will reduce the existing gap between safety and security. Based on that, the paper proposes some practical solutions to ensure Internet security for data transmission when things are connected.

SUMMARY
Internet security has become the subject of much debate over the past decade. Although every industry and business sector is by now aware of the importance of network security, the impact of the industrial revolution 4.0 has given rise to many problems in ensuring the security and safety of Internet-connected networks. At present, the world is in the early stages of the fourth industrial revolution, whose typical application, the Internet of Things, is having a strong impact on every field and facet of life. The core idea of the Internet of Things is to use Internet-connected cyberspace as a means of improving the operational efficiency, productivity and customization of things. Through it, data is collected and transmitted from different things, for example from equipment on production lines, sensors in products at customer sites, sales data and much more. The strong and continuous impact of the Internet of Things widens the complex requirements for data and information security as things become connected in the future. In an effort to clarify the development of Internet security while the Internet of Things, the typical application of the industrial revolution 4.0, is growing strongly, this article tries to identify the security risks in connected enterprises. The purpose of the paper is to show that the emergence of the Internet of Things will narrow the existing gap between safety and security. On that basis, the paper proposes a number of practically meaningful solutions to ensure Internet security for data transmitted when things are connected.

Key words: Internet of Things; internet security; secure Internet; secure Internet connection; 4.0 Industrial revolution; issue of security
Keywords: Network security; Internet of Things; Internet security; Internet network security; fourth industrial revolution; security risks

INTRODUCTION
Industrial revolutions are epoch-making events in global history. The 18th-century invention of steam power marks the beginning of the first revolution, with machinery applied in the manufacturing process. The second industrial revolution witnessed the emergence of mass production through electric power and automated lines. The third industrial revolution marked the beginning of the electronic information age, in which the popularity of computers and the Internet has affected every aspect of life and business. While the fourth industrial revolution is a broad framework for the future, the trend of the Internet of Things makes the
approach to and application of the 4.0 revolution more comprehensive and easier to understand, and reveals the version. Substantial changes in technology affect the business activities of every business in the world. The enormous trends driven by the Internet of Things are primarily related to the collection and transmission of data from the Internet to the Internet, thereby increasing the volume of data, enhancing the ability to analyze and process data, diversifying data, and improving connectivity and communication between the digital and physical environments. Organizations that find meaning in these rich data sources will gain competitive advantage. But collecting detailed information means filtering out unnecessary information to obtain useful information, protecting the security and privacy of information, and ensuring that information is not subject to blocking, theft or alteration by third parties.

CONCEPTS AND PROCESS OF NETWORKING – PHYSICS OF INTERNET OF THINGS

a. Concepts of Internet of Things
According to the International Telecommunication Union (ITU) (2015), the Internet of Things (IoT) is a network of physical devices, vehicles and other embedded electronic gadgets with software, sensors and actuators, and networking allows these objects to collect and exchange data. Each item is uniquely identified through its embedded computer system but can interact within the existing Internet infrastructure. Experts estimate that IoT will cover about 30 billion objects by 2020 [4].

According to Kevin Ashton (2009), the Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transmit data over the network without the need for interaction between person and computer [1].

Although it can be approached in a variety of ways, most views agree that IoT allows objects to be sensed or controlled remotely through existing network infrastructures. It aims
to further integrate the physical world into computer systems and, as a result, improve efficiency, accuracy and economic benefits in addition to reducing human intervention. As the IoT is enhanced with sensors and actuators, the technology will become an example of the general class of cyber-physical systems, including technologies such as smart grids, virtual power plants, smart homes, smart traffic and smart cities.

The Internet of Things can include a variety of devices such as heart implants, biochips on farm animals, cameras streaming wildlife feeds in coastal waters, umbrellas with built-in sensors, DNA analyzers for environmental / feed / pathogen monitoring, or field devices that support firefighters in search and rescue operations. Scholars around the world have described the Internet of Things as an "inseparable mixture of hardware, software, data, and services." [5]

These devices collect useful data with the help of various existing technologies and then automatically circulate the data among other devices. Examples in current markets include home automation (also known as smart home appliances), such as control and automation of lighting, heating, ventilation, air conditioning, gas and household appliances such as washing machines, air purifiers, ovens, and fridges / freezers with Wi-Fi for remote monitoring.

b. Process of Networking – Physics of Internet of Things
The Industrial Internet Consortium (IIC) is an organization based on a combination of government, academia and industry. IIC was originally formed by leading market players such as AT&T, Cisco Systems, General Electric, IBM and Intel. IIC now includes more than 200 leading institutions and research institutions around the world, including in countries such as India, China and Germany. These organizations focus specifically on promoting the Internet of Things by identifying potential applications and data security issues in the industry through three key areas: technology, data collection and security.
According to IIC, the process of connecting the digital networking environment to the physical environment of the Internet of Things involves three steps:

+ Step 1: Collecting digital records includes digitizing physical products and processing data through sensors. These sensors are attached to specific assets or objects and can identify and capture data while imitating human senses. The technology that allows this combination is called sensor feedback, in which a microcontroller combines individual packets from different sensors. This gives an overview of the data collected.

Figure 1: Process of Networking – Physics of Internet of Things (Source: [3])

+ Step 2: Analysis & Visualization involves the application of analytical capabilities to raw data collected from sensors, supported by various data visualization and analysis tools. The infrastructure for this capability, provided by the cloud, can help store the large amounts of data collected and serve as a platform on which this data can be processed.

+ Step 3: Transferring insights based on the collected data into action. This involves applying the derived knowledge to automate decision making, resulting in tangible performance or action in the physical environment.

With the Internet-of-Things connection process, expanding the scope of data analysis involves building appropriate capacity in the storage infrastructure. Data in many forms will be a prerequisite for performance in the Internet of Things operating environment, and all enterprise and individual user decisions will be driven by real-time data. In such a scenario, the safety and security of the data infrastructure, a concern for business enterprises, regulators, and consumers alike, should be addressed.

OUTSTANDING INTERNET ATTACKS IN THE INTERNET OF THINGS
As we have seen, the impact of the Internet of Things offers tremendous opportunities for end users to gain greater value
in everyday operations. At the same time, the fact that interactions and decision making are based on data has exposed the Internet of Things to new challenges, particularly in cyber-security. Extending Internet connectivity to the physical environment makes IT systems vulnerable to new forms of cyber attack. Many processes in a connected environment can be manually intercepted. This is an important reason why the Internet of Things emphasizes the need for physical security. In addition, many of the IT security tools created to operate at the enterprise layer may not necessarily work well in an environment where everything is connected to the Internet. Such unforeseen circumstances could result in the suspension of Internet of Things systems, resulting in process disruption, loss of data and financial loss. In fact, attacks over the Internet are becoming more complex and capable of causing large-scale losses as attackers become more aggressive with new attack techniques. Figure 2 provides a list of the most prominent network attacks that systems have encountered since 2000. As shown in Figure 2, we can list a number of well-known network attacks based on wireless IP connections to devices over which the enterprise has no control or only weak control. Specifically:

Figure 2: Timeline of Internet attacks on systems (Source: [2])

+ Stuxnet: One of the most notorious attacks is Stuxnet, at an Iranian nuclear facility in 2010. While the Stuxnet event is considered an important warning bell, a more technical understanding is needed to grasp the overall risk. The Stuxnet attack targeting Iran's uranium enrichment facilities is a clear warning of the potential risk posed by network attacks. The power sector is not spared the usual attacks either, such as ransomware locking systems or Trojans stealing financial information. For example, in 2013, a US fuel distribution company suffered a financial theft of $800 million. Every business in any industry or
business has its own risks, but an attack on the energy industry can be particularly serious and costly. Globally, the cost of a cyberattack in the energy sector is second only to that of attacks on financial services.

+ Attack on the Ukrainian power grid: Another case is the attacks on the Ukrainian grid in December 2015 and December 2016. The attack on the Ukrainian power grid caused a major disruption, affecting a large number of consumers in Western Ukraine. It was an organized attack intended to create maximum disruption. Malicious software was used to target the power supply network, together with penetration techniques such as online fraud, documents containing malicious software, and BlackEnergy. The security flaws stemmed from the availability of internal company information online and the failure to implement two-step authentication on its VPN. Although power returned within a few hours, the destructive programs destroyed a lot of valuable data. Exactly one year later, in December 2016, the Ukrainian grid was once again suspected of being attacked, leaving the entire city of Kiev in the dark. The outage was suspected to be due to external interference through the data network.

+ Attack on Niche Pharmaceutical Company: One of the most well-known data theft cases took place at Niche Pharmaceutical Company in 2015. A large pharmaceutical company holding a database of over 50,000 customers was harmed by a hacker demanding a ransom and threatening to sell the data on a public forum to the highest bidder. Online attack techniques such as SQL injection were used to perform this attack. The compromised data includes details such as customers' personal information and DEA numbers. The failure to apply appropriate encryption techniques was found to be one of the main reasons behind this attack. So it is not surprising that pharmaceuticals are among the industries most vulnerable to online attacks. Electronic attacks on the pharmaceutical
industry have grown faster than in other industries. In Frost & Sullivan's study, more than two thirds of the pharmaceutical industry was severely affected, while the rest had experienced at least one attack over the Internet. However, the wireless network threats in a pharmaceutical enterprise come from within the enterprise rather than from external threats. More than twenty percent of IP thieves are insiders with corporate records, not external hackers. Out of opportunism, revenge, greed or competitive advantage, insiders exploit their position to gain access to the company's digital assets. Organizations should actively play their part in securing digital assets. This can be achieved to a certain extent by educating staff about security and other protocols and ensuring a convenient way for staff to report suspicions. Manufacturers will need to ensure adequate protection of proprietary information and regularly monitor computer networks for suspicious activity. Companies must also ensure that their employees have access to security measures, tools and frameworks, and that access to corporate and network data can be revoked from any employee.

In many ways, the Stuxnet event, the Ukrainian power grid attack and the Niche Pharmaceutical case are a wake-up call for an upcoming industrial demand that requires industry recognition and planned investment. This gains greater significance as the complexity and intensity of cyber attacks are expected to increase in the future. Figure 3 shows how cyber attacks have evolved over the years and what the industry is likely to see in the coming years.

Figure 3: The evolution of telephone attacks (Source: [2])

Whether they are smartphone plants or refineries, businesses involve a myriad of equipment, systems, assets, and human resources. Traditionally, networking between devices and systems has been achieved through proprietary protocols. The proprietary nature of these protocols makes them isolated and inaccessible to any outside
intrusion. This protection against cyber attack began to dwindle as businesses embraced the Internet of Things and its applications in production via IP (Internet Protocol) connections linking all devices and products in the business. For example, accepting IP-based connections between devices in the enterprise and the core system has increased security risks, a fact that has been ignored until now. Another development of the Internet of Things that continues to expand the security risk is the increasing use of processors in the enterprise. This has made the enterprise's core control system the most vulnerable asset for attacks in a world of things that are naturally connected to the Internet. The uncontrolled nature of this expansion has made third-party intrusion via the Internet easy to carry out across different layers of the enterprise. Some examples of devices within enterprises that carry safety and security risks are PLCs, supervisory control and data acquisition (SCADA) systems, distributed control systems (DCSs) and intelligent electronic devices (IEDs). With weakly controlled connections, they can be a bridge for hackers to cause problems such as denial of access to systems (DDoS attacks) and loss or manipulation of data on a large scale, which results in negative impacts on the environment and defective systems. All of these breaches of security may result in loss of control over business operations, which can lead to loss of revenue and damage to the brand reputation of the business.

BASIC SECURITY SOLUTIONS IN THE INTERNET OF THINGS
Many current security solutions in the IT world are not built to handle the complexity of an Internet of Things environment. Thus, information and data network security has been identified as one of the top concerns in the field of business production, a sector that has seen an increase in the number of attacks over the global network. Before applying the
basic security solutions in the Internet of Things to any network in a business or factory, it is imperative that businesses understand the security layers. Different approaches need to be applied to fully protect their production and business activities. Here, the "Defense in Depth" or "Castle Approach" method is the one given by the IIC. The "Defense in Depth" philosophy aims to secure many aspects of a business or organization, including personnel, procedures, technology and the physical aspects. The different security control layers are: the level of government policy and security frameworks; the physical level; the network level; the system level; and the application and data layers, as shown in Figure 4 below.

Figure 4: Enterprise security layers in IoT (Source: [2])

The application of in-depth protection involves a sequential and conditional approach. The different levels of security include the following:

a. Security measures at the administrative level
These include laws, regulations, policies, rules, and guidelines governing the organization's information security practices. Manufacturers who want to adopt online security need to have a better understanding of the network security laws and frameworks that apply in the specific area where the organization is located. Common misconceptions about network security include:
+ It will not happen to me
+ Antivirus and firewall is enough
+ Not all endpoints need to be protected
+ Endpoint security can not provide

The Department of Homeland Security (DHS) has emphasized, regarding IoT security, that as connected devices are exposed to malicious code and national critical infrastructure increasingly relies on them, ensuring that these systems are appropriately protected is a top priority. Manufacturers can apply these principles as they design, manufacture and use interconnected systems. These ...