Many “classic” M2M deployments have involved fairly mature technologies with low requirements for data transmissions – think of an electrical meter dripping bits of information on a 2G connection – where cost-savings are at a premium and security not even an afterthought. This is changing rapidly for a variety of reasons: M2M technology is increasingly deployed in areas such as healthcare, where data integrity is crucial; M2M deployments are becoming more integrated with backbone enterprise software systems; and it has become clear that, in many cases, the simpler the technology is, the more vulnerable M2M connections are to hacking and other threats.
The industry has a long way to go with regard to security. There are numerous examples of M2M modules being hacked with intent – the US National Science Foundation (NSF) recently backed a study to determine what kind of consumer information could be drawn from smart meters – and there appears to be little standing in the way of those bent on using the vulnerability of typical M2M connections to steal data and disrupt networks. New deployment regimes using more robust encryption or “trusted” network environments are promising, but will surely add costs in an industry that has always struggled to achieve ARPUs.
Robin Duke-Woolley, CEO of leading M2M research firm Beecham Research, says “security has long been an underappreciated issue in the machine-to-machine solutions sector, but our research shows that is becoming front-and-center. In a recent survey of M2M solution providers, 60% considered it to be the top priority in delivering M2M projects. This increasing priority coincides with greater use of M2M data throughout the organization and is closely linked with increasing integration with IT systems and the growing trend for M2M solutions becoming mission critical.” Beecham will publish a report on the subject in March of this year.
Results of the NSF study on hacking smart meters were published by the Association for Computing Machinery in October, and determined that, by means of “spoofing” and reverse engineering, it was fairly easy to communicate with commonly deployed electrical meters. Using little more than a desktop computer with an Internet connection, the researchers were able to determine electrical consumption within homes, to know if residents were on-premises, and (through infiltration of set-top cable boxes) even to determine which TV stations people were watching.
A similar project was undertaken in Germany by “Hunz,” an otherwise anonymous (and apparently benevolent) hacker, who presented his findings at the Chaos Communication Camp conference in August of 2011. Using a vanilla automotive GSM module bought on eBay, commonly available “sniffing” software, and a laptop with an Internet connection, he was able to breach the PIN-protected SIM card, gain access to the cellular network, and communicate with other IP addresses on the network. Based on highly variable response times, Hunz assumed that he was actually communicating with other moving vehicles. At that point, concerned about driver safety, he said he shut the project down.
Hunz pointed out that debugging interfaces and internal interfaces that connect the GSM module to the microprocessor and to the SIM card are particularly vulnerable to infiltration. “Security standards for most M2M devices are pretty much in the 80s,” he said, noting that the SIM card on the GSM module was still active. Not so benevolent were thieves who broke into traffic lights outfitted with SIM cards in Johannesburg, South Africa later in 2011 – they physically broke into the lights, stole the cards, and apparently used them to make millions of dollars in illicit phone calls.
One promising solution is end-to-end encryption, where M2M data is encrypted at the source and decrypted only when it arrives at its destination, lowering the risk of intermediate breaches. These technologies are said to increase costs and strain networks by requiring more aggregation of data packets. Another solution could be integrated “Trusted Environments” (TREs) – a subscription access regime where only trusted devices gain access to a network and are then constantly monitored for “normal” behavior. TREs show promise, but may require new forms of certification from hardware vendors and new network infrastructures. “There is a growing realization that, unless you have end-to-end security, you effectively have no security,” says Duke-Woolley.