Prevent phishing attacks on IoT edge nodes

Donnie Garcia, NXP semiconductor systems application engineer

As attackers and their attack plans become more sophisticated and mature, and as consumers become more willing to adopt new technologies, the Internet of Things (IoT) keeps expanding, and so does the probability of receiving 'bait' at its edge. Are you ready to guard against new phishing scams?

Imagine a package being hand-delivered to you on your anniversary, birthday, or a holiday. You look forward to opening it and discover that it is the newest IoT tech gadget, perhaps an event recorder or even a networked sprinkler controller: in short, something you have always wanted. You think, 'Great!' But who sent it in the first place? Without stopping to ask, you quickly install the device and use your home Wi-Fi network login to pair it with your smartphone. Unwittingly, you have just given an attacker an opportunity to get at your valuable information.

Most people now know that phishing emails are used to put malware onto personal computing devices. But what if a phishing attack uses an IoT edge node as bait, as in the scenario above? As attackers and their attack plans become more sophisticated and mature, this becomes more and more likely. Beyond the attackers' growing expertise, consumers' increasing willingness to accept new technologies drives the expansion of the IoT and also raises the chance of receiving an IoT edge node as 'bait'.

So, what went wrong in the scenario above? What could the protagonist have done to prevent it? Many circumstances can allow such an attack to succeed and turn a familiar product into a vehicle for a malicious attack. The device manufacturer did not properly protect the firmware originally installed or the firmware updates released after the device was deployed.

Using security functions such as cryptography, there are some simple steps that can be taken when manufacturing and developing an embedded device to make such attacks especially difficult to carry out once the device is actually in use. With the right technology, firmware can be placed into the built-in memory and permanently locked. Firmware updates can also be protected by encryption.

Let's examine how NXP security technology can be used to prevent this threat. NXP's Kinetis microcontrollers (MCUs) and their enabling boot loader, the Kinetis Bootloader or KBOOT, combine hardware and software capabilities to install firmware securely and to protect future firmware downloads to end devices. KBOOT is a boot loader that resides in flash memory or ROM and comes with additional tools for programming Kinetis MCUs throughout the product life cycle.

KBOOT provides software firewalls and uses cryptographic hardware acceleration when programming firmware into internal or external memory, thereby leveraging the security technology of the Kinetis MCU. KBOOT identifies the security level at the chip level. On some devices, once in secure mode, the only way to program firmware using KBOOT is with encrypted binary files. Any other attempt to update firmware will fail, meaning that only a secure binary file created by the holder of the Secure Binary Key can be accepted and have its firmware downloaded to the Kinetis MCU using KBOOT.

KBOOT comes complete with source code, is highly customizable, and allows further custom modifications to strengthen application firmware security. For example, a Kinetis MCU can be set up with the boot loader in flash memory and, through the chip's security settings, this program can be made unmodifiable. With this protection mechanism in place, an attacker must completely remove and replace the IC in order to make a copy. Because KBOOT is open source software, it can be modified to use the encryption and integrity-check algorithms the end user wants. Building an even stronger security mechanism is also possible: in addition to KBOOT, an embedded secure element and a secure server can be used to add device authentication, improving security across the entire product life cycle.
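
The acceptance rule described above, modelled as an added example that is not NXP's code and does not reproduce KBOOT's Secure Binary format: a boot loader in secure mode programs only images whose tag verifies under the device key. The container layout, function names and the choice of HMAC-SHA256 are assumptions made for illustration, and the sketch covers authentication only, not payload encryption.

```python
import hashlib
import hmac
import struct

# Constructed container for illustration: magic, payload length, HMAC-SHA256 tag.
MAGIC = b"FWUP"
META = struct.Struct("<4sI")
TAG_LEN = hashlib.sha256().digest_size


def pack_image(key: bytes, payload: bytes) -> bytes:
    """Vendor side: only the key holder can produce a tag that verifies."""
    meta = META.pack(MAGIC, len(payload))
    tag = hmac.new(key, meta + payload, hashlib.sha256).digest()
    return meta + tag + payload


def accept_update(device_key: bytes, secure_mode: bool, blob: bytes):
    """Boot loader side: decide before anything is written to flash."""
    if not secure_mode:
        return True, "device not secured: image programmed as-is"
    if len(blob) < META.size + TAG_LEN:
        return False, "too short to be an authenticated image"
    magic, length = META.unpack_from(blob)
    tag = blob[META.size:META.size + TAG_LEN]
    payload = blob[META.size + TAG_LEN:]
    if magic != MAGIC or length != len(payload):
        return False, "not a valid container"
    expected = hmac.new(device_key, blob[:META.size] + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return False, "authentication failed"
    return True, "authenticated image accepted"


def demo():
    key = bytes(range(32))                         # constructed device key
    firmware = b"\x00\x20\x00\x20" + b"APP" * 32   # constructed payload
    good = pack_image(key, firmware)
    tampered = good[:-1] + bytes([good[-1] ^ 0x01])
    foreign = pack_image(b"\xaa" * 32, firmware)   # built without the device key
    cases = {"plaintext": firmware, "tampered": tampered,
             "foreign key": foreign, "genuine": good}
    return {name: accept_update(key, True, blob) for name, blob in cases.items()}


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:12s} accepted={ok} ({reason})")
```
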

As consumers, there is not much more we can do against such targeted phishing attacks, and knowing how likely an attack is does not guarantee that we are always protected. But NXP is responding to such threats: with KBOOT software and Kinetis MCUs, its solution makes it easier for embedded developers to integrate the firmware protection features needed to stop these attacks.
