The Internet of Things (IoT for short), also known as the Internet of Things, originated in 1999.
The term refers to the networking of devices that independently talk to other devices over the Internet and exchange information.
These include device classes that cannot be assigned to the classic device classes, such as servers, desktop computers or smartphones (see Vollmer 2018).
Normally, a command that a person enters into the system triggers a process. With the Internet of Things, it is the devices themselves that give the command. The basic requirement is of course that the device is connected to the Internet. The current term “smart” devices (translated: intelligent devices) is on everyone’s lips these days. The basic setting of these devices means that the user does not have to take action himself, but rather the devices start communication as soon as a certain event has been reached or triggered.
In order to efficiently connect functionally limited devices to the Internet, the network settings also had to be standardized. The so-called Internet Engineering Task Force (IETF for short) introduced a new IEEE 802.15.4 standard in 2004 specifically for this purpose. This standard supports an energy-efficient radio connection between devices. Another basic requirement was the introduction of Bluetooth 4.0 for mobile devices. Bluetooth enables data exchange between two devices that are within a short distance of each other.
In addition, the standard of network protocols was raised from IPv4 to IPv6. This change supports a higher number of possible addresses on the Internet. As in real life, each device on the Internet receives its own address, which other devices can use to contact this device or the device itself can send packets to other addresses.
In addition, a simplified version of the HTML protocol was introduced into the digital world with the Constrained Application Protocol (CoAP protocol for short). Here too, the background to the introduction was that transmission is also possible with the lowest possible transmission rates. The CoAP protocol enables access to services on the Internet (e.g. websites)1.
1 See complete paragraph Prehofer 2014.
When connecting many different devices over the Internet and collecting personal information, this in turn offers scope for criminal activities. Therefore, ensuring the protection of data during collection and transmission is the central challenge in the Internet of Things area. The biggest problem in the area of “smart devices” is customers’ purchasing decisions, which are based on the device functions and do not take the security settings into account. Furthermore, most intelligent devices do not have sufficient basic security settings and manufacturers cannot keep up with the necessary software updates for known vulnerabilities in their end products quickly enough or at all. This offers cybercriminals easy entry doors to obtain sensitive information from private individuals or companies (see Vollmer 2018).
The handling and allocation of IPv6 addresses presents a major security gap for private individuals, but especially for companies. Due to the technical properties and the differences between the two protocol types IPv4 and IPv6, new security gaps have arisen2. As already mentioned in the previous chapter, the IPv6 standard was introduced because the possible IP addresses in the IPv4 network had been used up since 2011. With the IPv6 standard, 19 times as many possible IP addresses can now be assigned. This is accompanied by talk among network architects of the “principle of small networks”. Every device can be connected directly to the Internet and has global access. Due to the scarcity of IP addresses in the IPv4 standard, this was not possible for every device. These were often linked to a local network and this network only had one IP address through which it communicated with the global Internet. With additional configurations of a so-called network address translation (NAT for short) between the global Internet and your own network, the security of your own network could be increased. Because with network address translation, the address in the header of the Internet protocol is changed when packets are sent.
The “small network principle” currently poses the risk that every device, no matter how small, can be attacked from the outside because it is directly accessible from the Internet. Insofar as a network address translation has not been correctly configured by the user. If the configuration is inadequate, for example, movement profiles of individual devices can be created, making it easier for potential hacker groups to take over the devices.
There are also possible disadvantages Denial of Service Attacks on individual devices; This can cause devices to crash. It is recommended that the devices communicate with the Internet via a proxy (see BSI Guide 2012). Depending on the configuration of the proxy, an analysis or evaluation of the data traffic can be created afterwards.
The new IPv6 standard entails increased configuration effort for the device owners and also new security techniques that should in turn be applied.
The BSI recommends that companies work with IT security companies to set up the configurations and architecture of their networks (see BSI Guide 2012, p. 13, Chapter 3.5).
2 For more detailed information, ProSec Networks GmbH recommends reading the BSI guidelines in the sources listed below.
In the coming years we will face further exciting challenges in the area of the Internet of Things in Germany. Through the implementation of 5G technology and the associated increase in network bandwidth. This allows devices to transmit more information and data in less time via mobile data. This opens up completely new possibilities in logistics or in the healthcare industry. Conversely, it also offers new challenges, especially in the area of IT security as well as filtering and processing extremely large amounts of data in order to derive the right insights.
