What is an IoT Pen Testing Service?

The term Internet of Things (IoT) refers to the use of standard Internet protocols for human-to-thing or thing-to-thing communication in embedded networks. IoT penetration testing goes beyond basic analysis to consider the whole ecosystem of the IoT technology, covering every segment and how each impacts the security of the whole. At CyberSRC®, this service includes the IoT mobile application, cloud APIs, communication and protocols, and embedded hardware and firmware. An IoT network is one where devices, vehicles, buildings and other items are integrated with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data and, more generally, to communicate. The IoT concept applies to many sectors:

  • Smart Home
  • Smart Cities
  • Medical & Healthcare
  • Industrial Control Systems & Industry 4.0
  • Energy
  • Wearables
  • Automotive

CyberSRC provides IoT penetration testing services aligned with the OWASP IoT project.

Applicability

CyberSRC® recommends an Internet of Things security test for any device that will be connected to a network under normal use. From cameras to toothbrushes, connected devices are actively being targeted by threat actors aiming to:

  • Serve malicious or illegally obtained software
  • Compromise individual and corporate privacy
  • Details of the motivations and goals for the relevant threats

In particular, devices that are designed to be ‘plug and play’ should be subject to an Internet of Things penetration test; their low barrier to setup often means that they are deployed in suboptimal security configurations. For organizations that produce Internet of Things devices and are concerned about their security posture, CyberSRC® offers a world-class penetration testing service.

Objective

  • Protecting IoT networks against modern cyber threats.
  • Providing proper solutions to ensure security, safety and continuity of critical energy systems vital to our everyday lives.
  • Unique technologies and services to prevent, detect and manage cyber threats exploiting associated systems.
  • Our mission is to adapt this new world to cope with emerging cyber threats, bringing innovative technology solutions and operations.
  • Protecting major water dispensing, sanitation and desalination operation systems, providing security throughout the entire life cycle.
  • Real time monitoring and network traffic control, detecting and handling cyber and physical security & safety incidents.

Our Approach & Methodology

1. Scoping

During this phase, an operational environment is discussed and established with the help of written/verbal communication & scoping questionnaires, defining:

  • Legislation/compliance obligations related to pentesting activities
  • Organizational cybersecurity needs
  • Which assets of the organization are to be tested and which are excluded
  • Allowed types of attacks
  • Testing period and time zones
  • Means of communication

2. Attack Surface Mapping

A detailed architecture diagram of the IoT infrastructure is constructed, highlighting all the possible entry points an adversary can use to penetrate it. Active & passive OSINT (Open-Source Intelligence) techniques are used in combination with neutral observation actions in order to collect as much information as possible regarding the targets to be tested. The more information is collected, the more attack vectors can be crafted.

3. Binary & Firmware Analysis

The firmware residing inside the IoT devices, as well as any companion / utility software, is reverse engineered to discover potentially sensitive information. You need to hand over the devices to our analysts for a specified period of time, in order for them to perform:

  • Decompilation of application binaries
  • Reverse engineering of firmware binaries
  • Analysis of encryption & obfuscation techniques
  • Analysis of the 3rd party libraries used

4. Hardware & Software Exploitation

The main exploitation activities aim to take control of the IoT device(s) and perform a PoC-manipulation of the services the IoT network provides. These actions include:

  • Assessing hardware communication / interconnection protocols
  • Tampering protection mechanisms
  • Fuzzing & side-channel attacks
  • Assessment & exploitation of wireless protocols
  • Attacking protocol specific vulnerabilities
  • Web application & API (hosted or cloud) vulnerability exploitation (incl. OWASP Top10)
  • Desktop & Mobile application vulnerability exploitation

5. Reporting

Reporting is a crucial step in a penetration testing engagement: the report is the cornerstone deliverable, providing meaningful insights regarding the security posture of your organization, along with remediation recommendations for each detected risk. Our reports are built upon the following elements:

  • Executive summary for the management board, C-level executives
  • Intelligence report for mid-level roles
  • Detailed technical report regarding the findings
  • Prioritized risk-based reporting
  • Traceability steps for each finding (traceID ™)
  • Security readiness badge (SpearBadge ™)
  • Remediation recommendations

Why CyberSRC®?

Established in January 2018, CyberSRC Consultancy offers a full range of cyber security services, from threat intelligence and VMS to general advisory services in areas pertaining to cyber security such as vulnerability attacks, compliance, and cyber security regulations and laws. We perform system audits such as ISNP Audits, NBFC Audits, UCB Audits, PPI Audits, and SEBI Audits. We provide our solutions with better accountability. We are a certified assurance firm. We are an ISO 27001 certified organization, backed by a very diverse and dynamic team that has combined experience.