Identification of IoT Device Vulnerabilities

In this section, we focus on the primary vulnerabilities within each device and how they may precipitate future attacks. After determining which devices are commonly deployed, we identified critical vulnerabilities and analyzed the level of risk and impact of each vulnerability by determining its exploitability. A recent work [34] presents an attack surface for an IoT network; its authors analyze the network for vulnerabilities and present the attack surface together with security controls. That work highlights the nuances between common IoT domains and specifically points to how devices are used to bring out these differences. Another research work [35] presents a first-of-its-kind IoT vulnerability scoring using the National Institute of Standards and Technology Common Vulnerability Scoring System (NIST-CVSS). In that work, the researchers customize the NIST-CVSS to score individual device vulnerabilities and to generate an overall device vulnerability score. Scores are objective and are based on exploitability, scope, and impact factors.

Healthcare Domain

The need for security in the healthcare domain is of paramount importance due to a variety of risk factors: risk of patient harm, privacy, protection of patient information, and cost of implementation. Many individuals rely on devices in this domain to stay informed about their health and, in some cases, to keep them alive [9]. Therefore, it is imperative to ensure these devices are secure given the critical risk they pose. To better understand the need for security, the vulnerabilities of the devices used within the domain must be examined. Bluetooth-enabled devices provide users with a simple, wireless means for devices to communicate with each other. Uses of Bluetooth technology have greatly expanded over the course of its brief history, and in the healthcare domain Bluetooth-connected devices are prevalent.

There are various brands of activity tracking devices, but perhaps the most recognizable brand is Fitbit. The Surge model of Fitbit has text and call notification, continuous heart rate monitoring, and GPS capabilities [24]. This means the user’s personal messages, vitals, and even location are at risk of being identified by an unauthorized individual. Accessing these features and storing their data requires the user to connect their Fitbit Surge device to a cell phone or personal computer via Bluetooth Low Energy (BLE). The specific version of BLE on Fitbit Surge devices is BLE 4.0, an outdated, less capable version compared to the current standard (BLE v4.2) [7]. This data is then stored in the cloud via an Internet connection. A series of vulnerabilities in the insecure Bluetooth connection has been exploited on this device, putting the user’s personal health information (PHI) at risk, especially since some data was found not to be encrypted during transmission between the Fitbit Surge and the user’s cellphone [7].

It is important to remember that three million individuals globally rely on pacemakers to keep their heart functioning properly [9]. St. Jude Medical manufactures a wide array of pacemaker models with differing features. One of these models, for example, is called Assurity MRI; it is designed to keep functioning even while the user undergoes an MRI scan. All of these models share similarities, such as the manufacturer warning users to avoid contact with electrical devices such as cellphones, metal-detection systems, and medical equipment. Prolonged contact with these devices puts a user’s pacemaker at risk of malfunction or failure [6], because the pacemaker may misinterpret cellphone signals or electrical impulses as a heartbeat [8]. Physicians require quarterly monitoring of pacemakers to ensure the pacemaker is operating properly [9]. Conventional remote monitoring transmits this data over cellular networks using a patient monitoring device.

Today, conventional pacemakers are modernizing with Internet-based device monitoring, in which data is sent and received over TCP/IP through a data transmission system. The vulnerability exists when the connection between sender and receiver is insufficiently secured. Two pacemaker manufacturers were found not to encrypt patient data stored on the hard drives of the programmers used to update user devices [8]. This data contains sensitive PHI such as patient and physician names, phone numbers, treatment data, and even social security numbers. An example is the 2017 discovery that St. Jude’s Merlin@home transmission system was susceptible to man-in-the-middle (MITM) attacks [8]. Another vulnerability of pacemaker devices is the lack of authentication required of the physicians who use these devices to make updates and modifications.

Commerce Domain

IoT security challenges run parallel to the vulnerabilities in the infrastructure of the systems and at the device level. This leads to the possibility of attacks from multiple points within each device. Some devices have the disadvantage of having multiple vulnerabilities at different levels of the infrastructure. Not only are the devices vulnerable physically through ports and design, but their applications, data, and other aspects are also major risk factors. Some devices are a critical risk while others carry very minimal risk. Devices with major vulnerabilities include NFC readers, RFID chips, cameras, and IoT sensors.

Many of the devices have their own individual vulnerabilities as well as a network of underlying vulnerabilities that they share [18]. This matrix of vulnerabilities results from memory extraction/corruption, DoS, SQL injection, unencrypted services, and console/firmware access. Common RFID chips are used to exchange information between a passive node and a powered reader [19]. These devices are simple and cost-efficient but are prone to firmware access and memory corruption. These chips are often so small that they lack a power supply of their own and rely on the reader to power the memory within the chip. Because of this, fluctuations in power, magnetic fields, and temperature are contributing factors in memory loss and device failure.

NFC device vulnerabilities include console access, memory extraction, and unencrypted service. These near field communication terminals are prone to a malicious user gaining access, which could also lead to memory extraction. Unencrypted service vulnerabilities are possible but unlikely, as current 4G connections use an encryption standard with a strong authentication method that covers price checking, mutual authentication, and transaction execution [20]. Sensors are additionally vulnerable and are often categorized together with cameras because of how they operate as a system. These devices are particularly prone to vulnerabilities such as DoS and console access. These systems operate in conjunction with application layers, which are vulnerable to SQL injections that expose attack vectors across multiple layers of each device [18]. Close examination of the multiple vulnerabilities these devices present shows the inherent need to mitigate them before they are exploited.

Home IoT Domain

Vulnerabilities in our devices will always be present: no device is unconditionally secure, and none will remain secure throughout its lifetime without proper update and auditing procedures. Vulnerabilities in IoT devices provide a prolific environment and an accessible route for threats to flourish and exploit the device. If the vulnerabilities are left unchecked, subsequent threats can cause data corruption and theft, device malfunction, malware implantation, privacy reduction, physical damage, and countless additional issues. The intrinsically insecure nature of the Internet poses an enormous security risk to IoT devices. According to an article published in the RFID Journal [10], the Internet was initially intended to connect people who already trusted one another, such as academic researchers or military networks. Attempts to strengthen Internet security were stymied by cost, short-sightedness, and competing interests. Connecting everyday objects to this shaky, insecure base will create the Internet of Hacked Things [10]. We can define the attack surface as our exposure: the reachable and exploitable vulnerabilities that we have [11]. IP cameras are particularly susceptible to vulnerabilities begging to be exploited. The most prevalent vulnerability is the use of default manufacturer passwords, represented by V1 for device one, or D1, as shown in Figure 1.
