Security experts explained that unlike other hacking strategies, in this case, the hackers
did not need to deceive users into taking a wrong step for hacking or infecting neither did the
victim’s device had to be paired with the hacker’s device. Instead, it was simply possible to hack
the victims if only their Bluetooth was enabled; a setting which is mostly common in today’s
IoT devices.
Moreover, it was also concluded that these aected IoT devices could be further misused to
infect other IoT devices which can include air-gapped and segregated devices with a turned-on
Bluetooth. According to an expert, this is an airborne attack vector or delivery method which is
highly susceptible to hacking.
These vulnerabilities were referred to as BlueBorne. In total, there were eight, among which
three were highly critical. The IoT security company, Armis, was then found to get this break-
through. The discovery of these security loopholes was expected to damage more than 5 billion
Bluetooth devices including smartphones, computers, smart TVs, automobile systems, and
wearables.
According to the cybersecurity analysts, it is often not possible for conventional security
solutions to detect such attacks. This is due to the fact that businesses avoid tracking or moni-
toring these device-to-device connections which make them invisible.
Among these Bluetooth vulnerabilities, one was known as the Bluetooth Pineapple. It
primarily damages Windows and Android devices. When this vulnerability is exploited, the
attacked device operates like a Wi-Fi Pineapple pentesting solution which is running a man in
the middle cyberattack. However, in contrast to a Wi-Fi man in the middle attack, the cyber-
threat is not reliant on a request to establish connection with the victim’s device nor it is required
to use any specific equipment.
REMOTE VEHICLE ACCESS
The growth of IoT has given a sharp rise to connected or smart cars, an evolution which has
been cited by many as among the most exciting auto industry development in years. The num-
ber of self-driving IoT enabled cars is increasing day-by-day as mankind looks to revolutionize
the transportation sector.
However, as it happens with all the other major IT revolutions, hackers have begun to
threaten in this space as well. As a result, there are qualms about the driver’s privacy and safety.
The expected consequences of the IoT device exploitation in smart cars are a source of
headache for many. Despite a strong public response about the features and functionalities of
connected cars, people have started to wonder whether they are safe in these IoT-enabled cars.
What can a hacker do if they are able to take control of a moving car? Such possibilities
make up for horrific possibilities. For instance, is it possible for a cybercriminal to hack the IoT
system of a car, take control of the steering vehicle and crash it into another car?
Chrysler Debacle
In 2015, one of the most famous smart car hacks happened. Fortunately, the attackers were
actually two good Samaritans: Chris Valasek and Charlie Miller. Both security professionals
were able to get access to the 2014 Jeep Cherokee and managed to turn o the brakes, adjust the
steering wheel, and shut down the engine. Moreover, they also found out that they had the ability
to exploit thousands of similar vehicles which were run at the back of Uconnect—a wireless
Chapter 11 Security Challenges for IoT 283
Internet_of_Things_CH11_pp271-308.indd 283 9/3/2019 10:16:20 AM
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.