Almost all the Internet of Things (IoT) devices in the current day scenario interact with other devices to exchange information and take action. It is highly essential to know about the wireless protocols that are used by IoT devices and the security issues affecting them, in order to pen test IoT devices effectively.
Wireless communication or radio simply is a way of transferring data from the source to destination through the communication medium of air using electromagnetic waves. The radio signals are the same signals that are used in your common devices such as microwave, light, and infra-red; it's just that the signal in each case varies in wavelength and frequency. In case of wireless communication, the data that needs to be transmitted is first converted into an electric signal using the potential difference and the location of the antenna from which the signal originates, carried across by a carrier wave, and then demodulated at the other end to obtain the actual data that was sent by the source. We won't get into further detail about electromagnetic concepts and how an electric signal is generated from the data, as it is beyond the scope for this chapter.
IoT devices work on various wireless communication protocols ranging from cellular to Wi-Fi, depending on the product requirements and device manufacturer's preferences. It would be impossible to cover all the various wireless communication protocols in a single chapter or book, however, we will be focusing on the overall penetration testing methodology and covering the two most common protocols—ZigBee and Bluetooth Low Energy (BLE).
The different wireless protocols serve their own purpose and have their own pros and cons. Each of them operate at a specified frequency (or frequency range) and will require a different pen tester hardware and software setup to be able to analyze the packets for that communication protocol.
Before going into the individual protocols, we will take an in-depth look at Software Defined Radio (SDR), which is one of the most important concepts when it comes to radio reversing and hacking for IoT devices. We will also get ourselves familiar with the various underlying foundational concepts that are required in order to understand radio hacking and SDR in a better way.