IoT and OT Hacking - IoT Concepts and Attacks

What refers to the network of devices having IP addresses and the capability to sense, collect, and send data using embedded sensors, communication hardware and processors?

Internet of Things (IoT), also known as Internet of Everything (IoE)

What refers to the term thing that is used to refer to a device that is implanted on natural, human-made, or machine-made objects and has the functionality of communicating over the network?

Internet of Things (IoT), also known as Internet of Everything (IoE)

What IoT technology is included in the four primary systems? These systems together make communication between two endpoints possible.

IoT devices, gateway systems, data storage systems using cloud technology, and remote control using mobile apps.

What are sensors that are embedded in the devices sense a wide variety of information from their surroundings, including temperature, gases, location, workings of some industrial machinery, or health data of a patient referred to?

Sensing Technology

What are gateways that are used to bridge the gap between an IoT device (internal network) and the end-user (external network), thus allowing them to connect and communicate with each other referred to? The data collected by the sensors in the IoT device is sent to the connected user or cloud through the gateway.

IoT Gateways

What travels through a gateway that then collects data, arrives at the cloud, where it is stored and undergoes data analysis referred to? The processed data is then transmitted to the user, who can take certain actions based on the information received.

Cloud Server/Data Storage

What involves an end-user using remote controls such as mobile phones, tablets, laptops, etc. installed with a mobile app to monitor, control, retrieve data, and take a specific action on IoT devices from a remote location referred to?

Remote Control using Mobile App

What five layers are part of the IoT Architecture?

Application Layer, Middleware Layer, Internet Layer, Access Gateway Layer, Edge Technology Layer

What layer consists of all the hardware components, including sensors, radio-frequency identification (RFID) tags, readers, or other soft sensors, and the device itself? These entities are the primary part of the data sensors that are deployed in the field for monitoring or sensing various phenomena. This layer plays an important part in data collection, and in connecting devices within the network and with the server.

Edge Technology Layer

What layer helps to bridge the gap between two endpoints, such as a device and a client? The initial data handling also takes place in this layer. This layer carries out message routing, message identification, and subscribing.

Access Gateway Layer

What is a crucial layer as it serves as the main component in carrying out communication between two endpoints, such as device-to-device, device-to-cloud, device-to-gateway, or back-end data sharing?

Internet Layer

What is one of the most critical layers that operates in two-way mode? As the name suggests, this layer sits in the middle of the application layer and the hardware layer, thus behaving as an interface between these two layers. It is responsible for important functions such as data management, device management, and various issues like data analysis, data aggregation, data filtering, device information discovery, and access control.

Middleware Layer

What layer is placed at the top of the stack and is responsible for the delivery of services to the relevant users from different sectors, including building, industrial, manufacturing, automobile, security, healthcare, etc?

Application Layer

What short-range wireless communication is a wireless personal area network? This technology is designed to be applied in various sectors such as healthcare, security, entertainment, and fitness.

Bluetooth Low Energy (BLE)

What short-range wireless communication is like Wi-Fi with only two differences: the mode of communication and the speed? It is a Visible Light Communications (VLC) system that uses common household light bulbs for data transfer at a very high speed of 224 Gbps.

Light-Fidelity (Li-Fi)

What short-range wireless communication is a type of short-range communication that uses magnetic field induction to enable communication between two electronic devices? It is primarily used in contactless mobile payment, social networking, and the identification of documents or other products.

Near-Field Communication (NFC)

What short-range wireless communication are machine-readable tags that contain information about the product or item to which they are attached? It is a two-dimensional code that stores product information and can be scanned using smartphones, whereas a barcode comes in both one-dimensional (1D) and two-dimensional (2D) forms of code.

QR Codes and Barcodes:

What short-range wireless communication stores data in tags that are read using electromagnetic fields? It is used in many sectors including industrial, offices, companies, automobiles, pharmaceuticals, livestock, and pets.

Radio-Frequency Identification (RFID)

What short-range wireless communication is an IPv6-based networking protocol for IoT devices? Its main purpose is home automation so that the devices can communicate with each other on local wireless networks.

Thread

What short-range wireless communication is a technology that is widely used in wireless local area networking (LAN)? At present, the most common Wi-Fi standard that is used in homes or companies is 802.11n, which offers a maximum speed of 600 Mbps and a range of approximately 50 m.

Wi-Fi

What short-range wireless communication is used for peer-to-peer communication without the need for a wireless access point? It is used to direct devices start communication only after deciding which device will act as an access point.

Wi-Fi Direct

What short-range wireless communication is a low-power, short-range communication designed primarily for home automation? It provides a simple and reliable way to wirelessly monitor and control household devices like HVAC, thermostats, garages, home cinemas, etc.

Z-Wave

What short-range wireless communication is based on the IEEE 203.15.4 standard and is used in devices that transfer data infrequently at a low rate in a restricted area and within a range of 10–100 m?

Zig-Bee

What short-range wireless communication is a multicast wireless sensor network technology mainly used for short-range communication between devices related to sports and fitness sensors?

Adaptive Network Topology (ANT)

What medium-range wireless communication is another variant of the Wi-Fi standard; it provides an extended range, making it useful for communications in rural areas? It offers low data rates, thus reducing the power and cost of transmission.

HaLow

What medium-range wireless communication is a standard for mobile communication that provides enhancement to LTE, focusing on providing higher capacity in terms of data rate, extended range, efficiency, and performance?

LTE-Advanced

What medium-range wireless communication is an Internet protocol used for communication between smaller and low-power devices with limited processing capacity, such as various IoT devices?

IPv6 over Low-Power Wireless Personal Area Networks (6LoWPAN)

What medium-range wireless communication are multiplexed connections between IoT devices over the User Datagram Protocol (UDP); they provide security equivalent to SSL/TLS?

Quick UDP Internet Connections (QUICs)

What long-range wireless communication is a wireless telecommunication network, designed to provide long-range communications between two endpoints?

Low Power Wide Area Networking (LPWAN)

What long-range wireless communication is used to support applications such as mobile, industrial machine-to-machine, and secure two-way communications for IoT devices, smart cities, and healthcare applications?

Long Range Wide Area Network (LoRaWAN)

What long-range wireless communication is used in devices that have short battery life and need to transfer a limited amount of data?

Sigfox

What long-range wireless communication is used in a tiny part of the TV white space spectrum to deliver high-quality, high-power, high-coverage, and low-cost networks?

Neul

What long-range wireless communication is a communication protocol that is used for data transfer using small dish antennas for both broadband and narrowband data?

Very Small Aperture Terminal (VSAT)

What long-range wireless communication is a type of communication protocol that is used for communication over a longer distance? It is used to send high-quality data but with the drawbacks of being expensive and having high power consumption.

Cellular

What long-range wireless communication is an ISO standard lightweight protocol used to transmit messages for long-range wireless communication? It helps in establishing connections to remote locations, for example via satellite links.

Message Queuing Telemetry Transport (MQTT)

What long-range wireless communication is a variant of LoRaWAN and Sigfox that uses more enhanced physical layer technology and the spectrum used for machine-to-machine communication?

Narrowband IoT (NB-IoT)

What wired communication is the most commonly used type of network protocol today? It is a type of LAN (Local Area Network) that consists of a wired connection between computers in a small building, office, or campus.

Ethernet

What wired communication is a type of network protocol that provides high-definition videos and related content to homes over existing coaxial cables?

Multimedia over Coax Alliance (MoCA)

What wired communication is a type of protocol that uses electrical wires to transmit power and data from one endpoint to another? PLC is required for applications in different areas such as home automation, industrial devices, and broadband over power lines (BPL).

Power-Line Communication (PLC)

What OS is is a family of operating systems developed by Microsoft for embedded systems?

Windows 10 IoT

What OS is a free open-source OS used in IoT microcontrollers that makes low-power, battery-operated edge devices easy to deploy, secure, connect, and manage?

Amazon FreeRTOS

What OS is an open-source OS developed by Google for various platforms, such as embedded systems, smartphones, tablets, etc?

Fuchsia

What OS has fewer resource requirements and uses energy efficiently? It has the ability to run on embedded systems, actuator boards, sensors, etc.

RIOT

What OS is also known as Snappy, this is used in robots, drones, edge gateways, etc?

Ubuntu Core

What OS is mostly used for low-powered devices such as wearable devices?

ARM Mbed OS

What OS is used in low-power and resource-constrained devices?

Zephyr

What OS is used with all small, medium, and large embedded systems?

Embedded Linux

What OS is an open-source OS primarily developed to support 8-bit and 32-bit microcontrollers of embedded systems?

NuttX RTOS

What OS is primarily used in the aerospace or defense, industrial, automotive, and medical sectors?

Integrity RTOS

What OS supports devices that work on the BLE protocol?

Apache Mynewt

What OS is an open-source, Linux-based operating system designed for a wide range of devices, including smartphones, tablets, smart TVs, wearables, and IoT devices?

Tizen

What IoT application protocol is a web transfer protocol used to transfer messages between constrained nodes and IoT networks? This protocol is mainly used for machine-to-machine (M2M) applications such as building automation and smart energy.

Constrained Application Protocol (CoAP)

What IoT application protocol helps the IoT environment to move computational processing to the edge of the network, allowing smart devices and gateways to perform tasks and services from the cloud end? Moving computational services to the edge of the network improves content caching, delivery, storage, and management of the IoT.

Edge

What IoT application protocol is an application-layer communication protocol used for application-level communication between IoT devices; it is used for IoT device management?

Lightweight Machine-to-Machine (LWM2M)

What IoT application protocol is a technology used to enable faster and seamless interaction with nearby IoT devices. It reveals the list of URLs being broadcast by nearby devices with BLE beacons?

Physical Web

What IoT application protocol is an open technology for real-time communication used for IoT devices? This technology is used for developing interoperable devices, applications, and services for the IoT environment.

eXtensible Messaging and Presence Protocol (XMPP)

What IoT application protocol is a software used for communication between an M2M server and applications running on an embedded gateway? It allows IoT applications to exchange data and commands with an M2M server.

Mihini/M3DA

What IoT communication model is inter-connected devices that interact with each other through the Internet, but they predominantly use protocols such as ZigBee, Z-Wave or Bluetooth? It is most commonly used in smart home devices such as thermostats, light bulbs, door locks, CCTV cameras, and fridges, which transfer small data packets to each other at a low data rate. This model is also popular in communication between wearable devices.

Device-to-Device Communication Model

What IoT communication model has devices communicate with the cloud directly, rather than directly communicating with the client to send or receive data or commands? It uses communication protocols such as Wi-Fi or Ethernet, and sometimes uses Cellular as well.

Device-to-Cloud Communication Model

What IoT communication model involves the IoT device communicating with an intermediate device called a gateway, which in turn communicates with the cloud service? This gateway device could be a smartphone or a hub that is acting as an intermediate point, which also provides security features and data or protocol translation.

Device-to-Gateway Communication Model

What IoT communication model has protocols generally used in this mode of communication are ZigBee and Z-Wave?

Device-to-Gateway Communication Model

What IoT communication model extends the device-to-cloud communication type such that the data from the IoT devices can be accessed by authorized third parties? Devices upload their data onto the cloud, which is later accessed or analyzed by third parties.

Back-End Data-Sharing Communication Model

What are the challenges of IoT devices?

Lack of Security and Privacy, Vulnerable Web Interfaces, Legal, Regulatory, and Rights Issue, Default, Weak, and Hardcoded Credentials, Clear Text Protocols and Unnecessary Open Ports, Coding Errors (Buffer Overflow), Storage Issues, Difficult-to-Update Firmware and OS, Interoperability Standard Issues, Physical Theft and Tampering, Lack of Vendor Support for Fixing Vulnerabilities, Emerging Economy and Development Issues, Handling of Unstructured Data, Scalability, Power Consumption, Regulatory Compliance, Integration with Legacy Systems

What is one of the OWASP Top 10 IoT threats?

Weak, Guessable, or Hardcoded Passwords

What is one of the OWASP Top 10 IoT threats?

Insecure Network Services

What is one of the OWASP Top 10 IoT threats?

Insecure Ecosystem Interfaces

What is one of the OWASP Top 10 IoT threats?

Lack of Secure Update Mechanisms

What is one of the OWASP Top 10 IoT threats?

Use of Insecure or Outdated Components

What is one of the OWASP Top 10 IoT threats?

Insufficient Privacy Protection

What is one of the OWASP Top 10 IoT threats?

Insecure Data Transfer and Storage

What is one of the OWASP Top 10 IoT threats?

Lack of Device Management

What is one of the OWASP Top 10 IoT threats?

Insecure Default Settings

What is one of the OWASP Top 10 IoT threats?

Lack of Physical Hardening

Which one of the following is an OWASP IoT attack surface area?

Ecosystem (General)

Which one of the following is an OWASP IoT attack surface area?

Device Memory

Which one of the following is an OWASP IoT attack surface area?

Device Physical Interfaces

Which one of the following is an OWASP IoT attack surface area?

Device Web Interface

Which one of the following is an OWASP IoT attack surface area?

Device Firmware

Which one of the following is an OWASP IoT attack surface area?

Device Network Services

Which one of the following is an OWASP IoT attack surface area?

Administrative Interface

Which one of the following is an OWASP IoT attack surface area?

Local Data Storage

Which one of the following is an OWASP IoT attack surface area?

Cloud Web Interface

Which one of the following is an OWASP IoT attack surface area?

Third-party Backend APIs

Which one of the following is an OWASP IoT attack surface area?

Update Mechanism

Which one of the following is an OWASP IoT attack surface area?

Mobile Application

Which one of the following is an OWASP IoT attack surface area?

Vendor Backend APIs

Which one of the following is an OWASP IoT attack surface area?

Ecosystem Communication

Which one of the following is an OWASP IoT attack surface area?

Network Traffic

Which one of the following is an OWASP IoT attack surface area?

Authentication/Authorization

Which one of the following is an OWASP IoT attack surface area?

Privacy

Which one of the following is an OWASP IoT attack surface area?

Hardware (Sensors)

What converts the devices into an army of botnets to target a specific system or server, making it unavailable to provide services?

DDoS Attack

What vulnerabilities are exploited by attackers to steal confidential information such as user credentials and to perform further attacks on the target network?

Attack on HVAC Systems

What involves an attacker jamming and sniffing the signal to obtain the code transferred to a vehicle’s receiver; the attacker then uses it to unlock and steal the vehicle?

Rolling Code Attack

What involves an attacker connecting to nearby devices and exploiting the vulnerabilities of the Bluetooth protocol to compromise the device?

BlueBorne Attack

What involves an attacker jamming the signal between the sender and the receiver with malicious traffic that makes the two endpoints unable to communicate with each other?

Jamming Attack

What involves an attacker to exploit vulnerabilities in the IoT device to turn it into a backdoor and gain access to an organization’s network?

Remote Access using Backdoor

What involves attackers exploiting an open telnet port to obtain information that is shared between the connected devices, including their software and hardware models?

Remote Access using Telnet

What involves an attacker using multiple forged identities to create a strong illusion of traffic congestion, affecting communication between neighboring nodes and networks?

Sybil Attack

What is a malicious script is used by attackers to exploit poorly patched vulnerabilities in an IoT device?

Exploit Kits