Introduction to IoT & Cyber Security

What is IoT?

The Internet of Things (IoT) is the network of physical objects—devices, instruments, vehicles, buildings, and other items embedded with electronics, circuits, software, sensors, and network connectivity that enables these objects to collect and exchange data. The Internet of Things allows objects to be sensed and controlled remotely across existing network infrastructure, creating opportunities for more direct integration of the physical world into computer-based systems, and resulting in improved efficiency and accuracy. The concept of a network of smart devices was discussed as early as 1982, with a modified Coke machine at Carnegie Mellon University becoming the first internet-connected appliance, able to report its inventory and whether newly loaded drinks were cold. Kevin Ashton (born 1968) is a British technology pioneer who is known for inventing the term "the Internet of Things" to describe a system where the Internet is connected to the physical world via ubiquitous sensors.

What is Cyber Security?

Cybersecurity may be defined as the ability to protect and recuperate from cyberattacks. According to NIST (National Institute of Standards & Technology), it can be defined as the ability to defend cyberspace usage from cyberattacks. Cyberspace could be internet, computer systems, telecom networks, embedded controllers etc. The security of any organization completely relies on three key areas namely confidentiality, availability and integrity.

Why do we need cyber security on IoT gadgets?

The large number of interconnected devices and their varying levels of security make IoT networks vulnerable to cyber attacks. Hackers can exploit vulnerabilities in the devices' software, weak passwords, and other security flaws to gain unauthorized access to the network, steal sensitive information, and even take control of the devices. Once a hacker gains access to an IoT network, they can use it as a gateway to attack other systems or launch larger-scale attacks.
To mitigate the risks of cyber attacks on IoT networks, it is crucial to implement robust cybersecurity measures. This includes using strong passwords, encryption, and authentication mechanisms, as well as keeping software and firmware up-to-date with the latest security patches. Network segmentation, firewalls, and intrusion detection systems can also help prevent unauthorized access and limit the impact of any attacks.
Overall, the cybersecurity of IoT networks is essential for ensuring the safety, privacy, and reliability of the devices and systems they connect. As IoT technology continues to evolve and become more pervasive, the need for effective cybersecurity measures will only increase.




About Me



My name is Sulayman Alruwais.
I am a 21-year-old Libyan student at Eastern Mediterranean University in North Cyprus.
My passion is to improve my knowledge by experiencing new skills, and I am a dependable person. All my professions are done on Windows.

My hobbies:

  • Swimming
  • Volleyball
  • Exploring new places
Computer skills:
  • Programming Languages:   C, C++, Java, MySQL, and Python.
  • Web development:   HTML, CSS, JavaScript, and PHP.
  • Problem solving.
  • System analysis.
  • Adobe Animate.
  • Networking.
  • CyberSecurity.
Languages:
  • Arabic: as the mother language.
  • English: is my second language.
  • Turkish: I am not good enough at it; I know only the basics.


Contact

Sulayman Alruwais.
IT Student.
Phone: +90 5391057111
e-mail: sulayman.alruwais@gmail.com
Location: Karakol Mah. Magusa, North Cyprus.





Scanning Activity


The first activity is Scanning, in which I tested four command-line tools in Command Prompt to display the network configuration of the Windows operating system.




Figure 1.1 - ipconfig



Figure 1.2 - ipconfig

Figure 1.1 and Figure 1.2 show the 'ipconfig' command-line tool, which provides some information about the network configuration, like the IP address, type, subnet mask, and default gateway for all network adapters on the system.






Figure 2.1 - ipconfig /all



Figure 2.2 - ipconfig /all

Figure 2.1 and Figure 2.2 show the 'ipconfig /all' command-line tool, which provides more detailed information about the network configuration, including the MAC address, DNS servers, and DHCP server information for all network adapters on the system.






Figure 3 - tracert

Figure 3 shows that I used the 'tracert' command-line tool, which is used to trace the route that packets take from your computer to a specified destination on the Internet. I tested a website called 'www.a2hosting.com' to see what information it gives me, for example the hops from my computer to the website, and other questions.
Q1 - How many hops from your machine to your assigned website?
There are 5 hops from my laptop to www.a2hosting.com, over a maximum of 30 hops.
Q2 - Which step causes the biggest delay in the route? What is the average duration of that delay?
The fourth hop causes the biggest delay, with average duration 19.3 ms.
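The two answers above can be computed from the tool's text output. The following is an added example, not part of the original activity: a parser for the Windows 'tracert' layout, run on a constructed sample trace (documentation addresses, not the trace in Figure 3). The names `parse_tracert` and `slowest_hop` are hypothetical.

```python
import re

# Constructed sample in the Windows tracert layout (not the trace from Figure 3).
SAMPLE_TRACERT = """\
Tracing route to www.example.com [192.0.2.80]
over a maximum of 30 hops:

  1    <1 ms    <1 ms     1 ms  192.168.1.1
  2     6 ms     *        8 ms  10.20.0.1
  3     9 ms    10 ms     9 ms  198.51.100.1
  4    18 ms    20 ms    20 ms  203.0.113.9
  5    12 ms    11 ms    12 ms  192.0.2.80

Trace complete.
"""

# Each hop line: hop number, three probe results, then the responding host.
PROBE = r"(<?\d+ ms|\*)"
HOP_RE = re.compile(rf"^\s*(\d+)\s+{PROBE}\s+{PROBE}\s+{PROBE}\s+(.+?)\s*$")


def _rtt(field):
    """'12 ms' -> 12.0, '<1 ms' -> 1.0 (upper bound), '*' -> None (no reply)."""
    if field == "*":
        return None
    return float(field.lstrip("<").split()[0])


def parse_tracert(text):
    """Return one dict per hop; header and footer lines are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if not m:
            continue
        rtts = [_rtt(m.group(i)) for i in (2, 3, 4)]
        answered = [r for r in rtts if r is not None]
        hops.append({
            "hop": int(m.group(1)),
            "host": m.group(5),
            "rtts": rtts,
            # Average only over probes that were answered.
            "avg_ms": sum(answered) / len(answered) if answered else None,
        })
    return hops


def slowest_hop(hops):
    """Hop with the highest average round-trip time, ignoring silent hops."""
    answered = [h for h in hops if h["avg_ms"] is not None]
    return max(answered, key=lambda h: h["avg_ms"]) if answered else None


if __name__ == "__main__":
    hops = parse_tracert(SAMPLE_TRACERT)
    worst = slowest_hop(hops)
    print(f"{len(hops)} hops; slowest is hop {worst['hop']} "
          f"({worst['host']}) at {worst['avg_ms']:.1f} ms on average")
```

Each time is the round trip to that hop, not the delay added by it. A later hop that answers faster than an earlier one, as hop 5 does here, usually means the earlier router gave its own ICMP replies low priority.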





Figure 4 - nslookup

Figure 4 shows the 'nslookup' command, a network tool that is useful for troubleshooting network issues and verifying DNS information.
It displays the Domain Name System (DNS), IP address, domain name, and other DNS records.



Reflect

Overall, in activity 1 I have learned some command-line tools for scanning, and these commands are 'ipconfig', 'ipconfig /all', 'nslookup', and 'tracert'.
I have learned how to get more information about network configuration as well as website information such as the MAC address, IP address, DNS records, and the packets that are sent from my laptop to any assigned website. It will also help me to troubleshoot any network problem that I may face in the future.

Honeypot Attack


A honeypot is a security resource intentionally designed to be explored, exploited, or hacked to detect and gather data on attack trends, hacker motives, and technical abilities. It is a detection and reaction tool, not a preventive one, and does not block specific intrusions or the transmission of viruses or worms. Defenders can use the information gathered to construct stronger defences and countermeasures against future security threats. Overall, honeypots are used to learn as much as possible about attack patterns and hacker behaviour.



Figure 1

Figure 1 shows that I am in a terminal on the Kali Linux operating system to do the Honeypot Attack. First, as a normal user, I ran the 'ifconfig' command to get the inet IP, because I will need it later.




Figure 2

Figure 2 shows where I downloaded the honeypot tool, which is 'PENTBOX'. So how did I install PENTBOX?
In Google I searched for "pentbox honeypot", then I went to the GitHub website and scrolled down to find the link shown in Figure 2. I copied the link and pasted it in the Kali Linux terminal after entering as a root user, as in Figure 3.1.




Figure 3.1



Figure 3.2

Figure 3.1: after I pasted the link and pressed Enter, it was installed, so I typed the 'ls' command to list the directories. Then I changed the working directory to 'pentbox', and after that I ran it.
Figure 3.2 shows the running of PENTBOX.




Figure 4.1



Figure 4.2



Figure 4.3



Figure 4.4

Figure 4.1: after I ran PENTBOX, I went inside the pentbox-1.8 directory. Then I used the 'ls' command to see whether 'pentbox.rb' was there or not. Then I ran it to start the setup.
Figure 4.2 shows that after I executed it (pentbox.rb), it listed the options; for the honeypot, the second option (Network tools) should be chosen. It then listed different types of attacks, of which the one we need is the honeypot (number 3), as shown in Figure 4.3. Then in the honeypot option I chose Manual configuration (option 2), and after that I entered the port, which was 443, and the message "Cought You!! haha".
Figure 4.4: I saved the log of intrusions and I did not change the name of the log file. I also did not activate the beep() sound. After I set up the honeypot attack, you can see it is activated in Figure 4.4.




Figure 5

Figure 5 shows the inet IP that we took in Figure 1. It was working before, but after the attack it had "secure connection failed".
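What the manual configuration above sets up (a port, a fixed message, and an intrusion log) can be shown in a few lines. This is an added example, not PENTBOX's code and not part of the original activity; the message text, port 8443, the log format and the function names are assumptions, and the client in `demo()` is constructed.

```python
import socket
import threading
from datetime import datetime, timezone

MESSAGE = b"Unauthorized access is logged.\r\n"   # constructed stand-in message


def handle(conn, peer, events, message=MESSAGE):
    """Record one connection attempt, then answer with the fixed message."""
    conn.settimeout(0.5)                 # never wait long on a silent peer
    try:
        first = conn.recv(256)           # keep only the first bytes sent
    except (socket.timeout, ConnectionError):
        first = b""
    events.append({
        "time": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "src_ip": peer[0],
        "src_port": peer[1],
        "first_bytes": first.decode("latin-1"),
    })
    try:
        conn.sendall(message)
    except OSError:
        pass                             # peer already gone; it is still logged


def serve(events, stop, host="127.0.0.1", port=8443, message=MESSAGE):
    """Listen until `stop` is set; one connection at a time is enough for a lab."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(16)
        srv.settimeout(0.2)              # lets the loop notice `stop`
        while not stop.is_set():
            try:
                conn, peer = srv.accept()
            except socket.timeout:
                continue
            with conn:
                handle(conn, peer, events, message)


def format_event(event):
    """One log line per connection, suitable for appending to a log file."""
    return ("{time} INTRUSION ATTEMPT from {src_ip}:{src_port} "
            "sent {first_bytes!r}").format(**event)


def demo():
    """Drive handle() over a local socket pair, so no network is needed."""
    client, server = socket.socketpair()
    events = []
    with client, server:
        client.sendall(b"GET / HTTP/1.1\r\n\r\n")        # constructed probe
        handle(server, ("203.0.113.7", 51234), events)    # constructed peer
        reply = client.recv(1024)
    return reply, events


if __name__ == "__main__":
    log, stop = [], threading.Event()
    try:
        serve(log, stop)                 # Ctrl+C to stop
    except KeyboardInterrupt:
        pass
    for entry in log:
        print(format_event(entry))
```

The reply is plain text, not a TLS handshake, so a browser that expects HTTPS on the honeypot's port reports a failed secure connection while the attempt is still written to the log.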


Reflect

Honeypots can be a valuable addition to a comprehensive security strategy, but it's important to carefully consider their benefits and drawbacks and use them appropriately. They should not be relied upon as the sole means of security, but rather as one tool in a larger toolbox.
Overall, I have learned how to install pentbox and set up the honeypot detection and how beneficial it is, and I did not have any learning difficulty with honeypots, installing pentbox, or setting it up.




Distributed Denial-of-Service (DDoS) attack


What is DDoS attack?

A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices.
From a high level, a DDoS attack is like an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination.



Figure 1

Figure 1: the first thing to do is to find out the target IP address, so I used 'ping' with the URL of a website called 'www.a2hosting.com'. This step was done in Command Prompt as a system user.
So the IP address of the website 'www.a2hosting.com' was 45.93.124.14.





Figure 2

Figure 2: after we knew the IP address, in the Kali Linux terminal I used 'sudo -i' to become the root user and have permission for all available commands and files on Linux. Then I typed 'msfconsole', which is probably the most popular interface to the Metasploit Framework (MSF). It provides an "all-in-one" centralized console and allows you efficient access to virtually all of the options available in the MSF.





Figure 3.1



Figure 3.2

Figure 3.1: after 'msfconsole' finished, I used 'use auxiliary/dos/tcp/synflood' to get access, as the instructor gave it to us, then I used 'show options' to see the options and what the target port and host are.
Figure 3.2: after that I set RHost ("rhost 'IP Address'") to the target website or server, which is '45.93.124.14'. I also set RPort ("rport '80 or 443'"); we have two ports, and I chose port 80 as the instructor said in the lecture. Then I ran it.





Figure 4

Figure 4: after I made it ready, I went to Wireshark and started it, as you can see in the image.
How do you know if it is working or not?
Under the Destination you see the targeted website's IP address which means that it is working.





Figure 5

Figure 5 shows that the targeted website is not reachable. It may take some time to disable the website.
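From the defender's side, the same capture view can be turned into a detection rule: many connection openings (SYN) to one destination that are never completed. This is an added example, not part of the original activity; the packet records are constructed with documentation addresses, and the thresholds and the name `detect_syn_flood` are assumptions.

```python
from collections import defaultdict, namedtuple

# One record per captured TCP packet; flags is "S" (SYN) or "A" (client ACK).
Packet = namedtuple("Packet", "ts src sport dst dport flags")


def detect_syn_flood(packets, window=1.0, min_syns=200, max_completion=0.2):
    """Alert per (destination, port, time window) with many unfinished handshakes.

    A window is flagged when it holds at least `min_syns` distinct SYN flows
    and at most `max_completion` of them were later completed by an ACK.
    """
    buckets = defaultdict(lambda: {"syn": set(), "done": set()})
    opened = {}                              # flow -> window where its SYN was seen
    for p in sorted(packets, key=lambda p: p.ts):
        flow = (p.src, p.sport, p.dst, p.dport)
        if p.flags == "S":
            key = (p.dst, p.dport, int(p.ts // window))
            buckets[key]["syn"].add(flow)
            opened[flow] = key
        elif p.flags == "A" and flow in opened:
            # Credit the completion to the window that saw the SYN.
            buckets[opened.pop(flow)]["done"].add(flow)

    alerts = []
    for key in sorted(buckets):
        syns = len(buckets[key]["syn"])
        completion = len(buckets[key]["done"]) / syns
        if syns >= min_syns and completion <= max_completion:
            alerts.append({
                "dst": key[0],
                "dport": key[1],
                "window_start": key[2] * window,
                "syns": syns,
                "completion": round(completion, 3),
                "sources": len({f[0] for f in buckets[key]["syn"]}),
            })
    return alerts


def sample_capture():
    """Constructed traffic: 30 normal handshakes plus 500 SYNs never completed."""
    pkts = []
    for i in range(30):
        src, t = f"198.51.100.{i + 1}", 0.01 * i
        pkts.append(Packet(t, src, 40000 + i, "192.0.2.10", 443, "S"))
        pkts.append(Packet(t + 0.02, src, 40000 + i, "192.0.2.10", 443, "A"))
    for i in range(500):
        src = f"203.0.113.{i % 254 + 1}"
        pkts.append(Packet(5.0 + i * 0.001, src, 1024 + i, "192.0.2.20", 80, "S"))
    return pkts


if __name__ == "__main__":
    for alert in detect_syn_flood(sample_capture()):
        print(alert)
```

A busy but healthy server does not trip the rule, because its handshakes complete. On a Linux server, SYN cookies (the `net.ipv4.tcp_syncookies` sysctl) keep the listen queue usable while such an alert is investigated.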


Reflect

In this attack I have learned how to do a flooding attack on a server, and it was smooth learning, because it drew my attention to how a hacker stops a website, and it is the first attack I learned in this course. It will also help me to improve my knowledge about this attack and how to mitigate it. I have tried this attack 2 other times besides this one, and it worked smoothly.


Digitalization



What is Digitalization?

Digitalization is the process of leveraging digital technologies to transform a business model, creating new revenue streams and value-producing opportunities. This involves integrating digital tools and systems into various aspects of a business's operations, from management and communication to production and customer service. In today's competitive landscape, digitalization has become essential for businesses to stay relevant and thrive. It enables organizations to adapt to rapidly changing market conditions, meet customer expectations, and optimize their processes for greater efficiency and productivity. Using digitized information, digitalization is the process of making workflows and processes easier and more efficient. Especially in today's tech-driven world, it is crucial to adopt a digital culture in order to survive and succeed.

What are the security implications of the digital economy?

In the digital economy, organizations rely heavily on information technology systems and networks to conduct their operations. This dependence introduces various security challenges. Cybersecurity threats, such as hacking, data breaches, and malware attacks, pose significant risks to digital infrastructure, sensitive data, and intellectual property. The increased connectivity and interdependence of digital systems also amplify the potential for cascading effects and systemic risks. A single vulnerability or breach in one part of the digital ecosystem can have far-reaching consequences, impacting multiple organizations and sectors.

Additionally, the digital economy's global nature raises concerns about international cyber espionage, cyber warfare, and state-sponsored attacks. Governments and malicious actors may seek to exploit vulnerabilities in digital systems for economic, political, or military gains, leading to potential destabilization and conflicts. Privacy and data protection are crucial concerns in the digital economy. The collection, storage, and analysis of vast amounts of personal data raise ethical and legal issues. Unauthorized access or misuse of personal information can result in identity theft, financial fraud, and invasions of privacy.

Moreover, the rapid pace of technological advancements in the digital economy creates challenges for security practices and regulations. As new technologies emerge, traditional security measures may become outdated, requiring continuous adaptation and investment in cybersecurity capabilities. To address these security implications, organizations need to adopt a proactive and comprehensive approach to cybersecurity. This includes implementing robust security measures, conducting regular risk assessments, raising awareness among employees, and fostering collaboration between public and private sectors to share threat intelligence and best practices.

Fully digital enterprise

A 'fully digital enterprise' refers to an organization that has embraced digital technologies across all aspects of its operations, processes, and interactions. It entails leveraging digital tools and platforms for communication, data storage and analysis, customer engagement, supply chain management, and more. Essentially, a fully digital enterprise utilizes technology extensively to optimize its efficiency, productivity, and customer experience.

Cyber security challenges/concerns of a fully digital enterprise

A fully digital enterprise introduces several cyber security challenges and concerns. Here are some key ones to consider:

  1. Data breaches.
  2. Insider threats.
  3. Malware and ransomware attacks.
  4. Third-party risks.
  5. Cloud security challenges.
  6. Regulatory compliance.
  7. Social engineering attacks.
  8. Internet of Things (IoT) vulnerabilities.

What are the cyber security challenges for a bricks and mortar SME wanting to become a digital enterprise?

A low security budget, a lack of cyber skills and an increase in cyber-attacks can seriously impact an SME's competitiveness and compromise even the value chain it is connected to. This is why it is fundamental for SMEs to start taking the right steps to secure their business.


Reflect

The digital economy offers numerous opportunities but also brings security challenges. A fully digital enterprise utilizes digital technologies across its operations, introducing risks such as data breaches, insider threats, malware attacks, and regulatory compliance. Bricks and mortar SMEs transitioning to digital face challenges due to limited resources, integration issues, and increased attack surface.
From my point of view, digitalization is very important for all companies, even if the company is small (not an international company), because if a company gets hacked or some sensitive information gets leaked, it may affect other companies, which also affects the economy.


OWASP Top 10 and IEEE Top 10 vulnerabilities



OWASP Top 10 vulnerabilities

What is OWASP?
The Open Worldwide Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. The OWASP provides free and open resources. It is led by a non-profit called The OWASP Foundation. The OWASP Top 10 - 2021 is the published result of recent research based on comprehensive data compiled from over 40 partner organizations.
But in this activity, we will discuss OWASP top 10 vulnerabilities 2023:

  1. Broken Access Control
    During app development, access controls are applied that prohibit users from retrieving information outside their given permissions. Failure to enforce them efficiently can lead to unauthorized information disclosure, data modification, destruction of all data and many other damages. When an application evolves with time and numerous features are added to it, failures can occur and this can result in fallout for the application's security. Broken Access Control in any application or website must be prevented at all costs. It is among the commonly faced OWASP 2023 vulnerabilities.

  2. Cryptographic Failures
    Poor use of cryptography and algorithms is responsible for a series of threats that are known as Cryptographic Failures. It is important to use encrypted connections to the application, like SFTP, HTTPS, SSH, etc., while carrying out any configuration or code changes. This vulnerability can expose sensitive data such as passwords, business records, credit card information, email addresses, patient health records, or other personal user data. To prevent this, all data should be stored with the recommended hashing algorithms.

  3. Injection
    Injection is one of the oldest vulnerabilities; it can lead to data loss, data theft, service denial, etc., and in the worst scenario can compromise the full system. Injection attacks, especially SQL Injections (SQLi attacks) and Cross-site Scripting (XSS), are the most dangerous and widespread weakness of any application. Other than these, there are several other types of Injections that a web developer should look out for. Using a safe API and positive server-side input validation can help in preventing Injections.

  4. Insecure Design
    To keep an application free of security gaps, it is recommended that developers use safe design patterns and securely created threat modeling while designing. A secure application can be built using a secured component library, tooling and methodology. Implementation of ineffective control design can lead to different weaknesses termed Insecure Design. It is suggested to determine the level of security design before beginning the app development to prevent the Insecure Design vulnerability.

  5. Security Misconfiguration
    Inaccurately or insecurely configured security controls can cause the Security Misconfiguration vulnerability and put the system and data at risk. Unnecessary features enabled or installed, outdated software, etc. can also cause Security Misconfiguration. This threat can impact any layer of the application stack, cloud or network, leaving important information exposed. It can be prevented by implementing a secure installation process. Using an automated process to verify the effectiveness of the configurations and settings in all environments is also recommended.

  6. Vulnerable and Outdated Components
    If the components used in the development of a website or application are outdated or are vulnerable themselves, they can compromise the whole application. This is known as the Vulnerable and Outdated Components vulnerability. A developer should also always know the versions of the components being used and should perform regular scans for vulnerabilities to keep problems at bay. As a protective measure, remove unnecessary features, unused dependencies, components, files and documentation from time to time.

  7. Identification and Authentication Failures
    Before any protected site is accessed, the application must check the user's identity, authentication, and session management. These things are important for protection against authentication-related attacks, and can otherwise lead to the Identification and Authentication Failures vulnerability. With the introduction of two-factor authentication, the number of failures has reduced but is still too frequent to be listed in the OWASP Top 10 vulnerabilities 2023. Limiting failed login attempts and generating a new random session ID at every login can further prevent the issue.

  8. Software and Data Integrity Failures
    Code and infrastructure that do not protect against integrity violations can lead to Software and Data Integrity Failures. It is therefore important to verify the installed packages on your system and make sure that the data is from a reliable source and has not been altered at any stage. Implementing libraries and dependencies, software supply chain security tools, and a review process for code and configuration changes are other ways of preventing this vulnerability.

  9. Security Logging and Monitoring
    Security logging and monitoring are vital to the maintenance of a secure infrastructure. Viewing the logs regularly can be helpful in acting fast in case any potentially dangerous activity is noticed. On the other hand, insufficient monitoring of log activities can lead to a bunch of issues collectively termed as Security logging and monitoring vulnerability. Depending on the risk of the application, protective measures must be applied to eliminate any risk as soon as possible.

  10. Server-Side Request Forgery
    Server-Side Request Forgery (SSRF) occurs when a web application fetches a remote resource without validating the URL supplied by the user. The attacker can send a crafted request to an unexpected destination, even if protected by a firewall or VPN. Both the frequency and the severity of this vulnerability have increased with time. To protect an application against SSRF, all the data entered should be checked carefully and each URL scheme should be checked against the allowed list.
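The allow-list check recommended in item 10 can be written as a small validator that runs before the server fetches anything. This is an added example, not OWASP's code; the host names, the allowed port and the function names are hypothetical, and the DNS answers are constructed so that it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"https"}
ALLOWED_PORTS = {None, 443}                                  # None = default port
ALLOWED_HOSTS = {"api.example.com", "images.example.com"}    # hypothetical

# Constructed DNS answers for the demonstration (the second one is internal).
SAMPLE_DNS = {"api.example.com": ["93.184.216.34"],
              "images.example.com": ["10.0.0.5"]}


class SSRFError(ValueError):
    """The URL must not be fetched by the server."""


def dns_resolver(host):
    """Real lookup, used when no test resolver is passed in."""
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def sample_resolver(host):
    return SAMPLE_DNS.get(host, [])


def validate_outbound_url(url, resolver=dns_resolver):
    """Return the vetted IP addresses for `url`, or raise SSRFError."""
    try:
        parts = urlsplit(url)
        port = parts.port
    except ValueError:
        raise SSRFError("malformed URL") from None
    if parts.scheme not in ALLOWED_SCHEMES:
        raise SSRFError("scheme not allowed")
    if parts.username is not None or parts.password is not None:
        raise SSRFError("credentials in URL not allowed")
    host = (parts.hostname or "").rstrip(".")
    if host not in ALLOWED_HOSTS:
        raise SSRFError("host not on allow list")
    if port not in ALLOWED_PORTS:
        raise SSRFError("port not allowed")
    addresses = resolver(host)
    if not addresses:
        raise SSRFError("host did not resolve")
    for addr in addresses:
        # is_global is False for loopback, private, link-local and shared ranges.
        if not ipaddress.ip_address(addr.split("%")[0]).is_global:
            raise SSRFError("resolves to non-public address")
    # The caller should connect to these addresses, not resolve the name again.
    return addresses


def check(url, resolver=sample_resolver):
    """Return 'ok' or the reason the URL was refused."""
    try:
        validate_outbound_url(url, resolver)
        return "ok"
    except SSRFError as exc:
        return str(exc)


if __name__ == "__main__":
    for u in ("https://api.example.com/v1/items",
              "http://api.example.com/",
              "https://images.example.com/a.png"):
        print(u, "->", check(u))
```

Checking the resolved addresses as well as the name matters because an allow-listed name can still point at an internal address, as the constructed `images.example.com` entry does.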

IEEE Top 10 vulnerabilities

What is IEEE?
The IEEE (Institute of Electrical and Electronics Engineers) describes itself as "the world's largest technical professional society -- promoting the development and application of electrotechnology and allied sciences for the benefit of humanity, the advancement of the profession, and the well-being of our members."


Reflect

In this activity, I did research on both the OWASP top 10 vulnerabilities (2023 version) and the IEEE top 10 vulnerabilities (2021 version). The outcome of my research is that, for the IEEE, I did not find the source, and some resources gave me the same list as the OWASP top 10.
So, I will just reflect on the OWASP. As I mentioned above about the top 10 vulnerabilities of OWASP, before I did the research, I thought some of the vulnerabilities were not that important, such as "Vulnerable and Outdated Components", but I found it in the top 10.


Vulnerability Database




Figure 1



Figure 2



Figure 3



Figure 4


Reflect

During the lab activity, we focused on exploring the Vulnerability Database using the Metasploit framework. This framework is a powerful tool that is commonly utilized by both cybersecurity professionals and malicious attackers. Unfortunately, I found the activity to be quite confusing as I lacked prior knowledge in this area. I have included some screenshots from the activity in Figures 1, 2, 3, and 4. Despite my confusion, I recognize the significance of understanding and addressing vulnerabilities to ensure the security of systems and applications.

Arduino Uno Seminar


In this seminar, I learned about the Arduino Uno, how it works, what its main components are, which application is used to develop for it, and which programming language is used.



Figure 1



Figure 2



Figure 3



Figure 4



Figure 5



Figure 6


Reflect

This seminar, organized by Professor Beran on May 16th, 2023, was about the Arduino Uno microcontroller. The guest speaker, Ali Uker, began by providing an explanation of what the Arduino Uno is (refer to 'Figure 2'). He then proceeded to discuss the main components of the microcontroller and showcased some of his own real-world projects, including Traffic Lights (see 'Figure 4' and 'Figure 5'). I was interested in it because, as I mentioned, it was about real-world projects and it is an important microcontroller board.
Overall, the seminar was informative, covering the basics of the Arduino Uno microcontroller and its main components. However, it would have been even more valuable if larger-scale real-world projects were prepared and explained.

Best Elevator Project


Project Best Elevator
Objectives
  • Increase customer loyalty.
  • Improve service maintenance and predictive maintenance.
  • Manage spare parts inventory more efficiently.
  • Improve product design and technician training.
  • Improve uptime and field service efficiency.
  • Allocate scarce service technicians more efficiently.
  • Communicate more effectively with suppliers.
Increase customer loyalty: Sensor data can predict issues, allowing proactive measures to be taken before these turn into a failure that ultimately results in machine downtime and customer frustration.
Improve service maintenance and predictive maintenance: By monitoring operating conditions. Like the IoT devices in other building systems, elevator IoT devices make gathering data simple and effortless. An IoT-enabled elevator might gather data in any of these areas:
critical safety circuits, load weighing, number of trips, number of door cycles, wait times, traffic trends, and ride analysis.
Manage spare parts inventory more efficiently: IoT-enabled elevators can automatically detect when specific parts are malfunctioning or need replacement. This information can be sent to the inventory management system in real time, triggering automatic reordering or generating alerts to ensure spare parts availability.
Improve product design and technician training: IoT devices are a powerful tool for orchestrating maintenance operations. Their ability to analyze large streams of performance data and predict future requirements eliminates the need for manual processes.
Improve uptime and field service efficiency: With IoT sensors constantly monitoring elevator performance, service technicians can receive real-time alerts and notifications regarding any potential issues or malfunctions. This enables them to respond promptly, minimizing downtime and improving overall elevator uptime.
Allocate scarce service technicians more efficiently: IoT data can provide insights into the performance of different elevators, helping companies identify elevators that require frequent maintenance or have higher failure rates.
Communicate more effectively with suppliers: IoT-enabled elevators can facilitate seamless communication with suppliers and manufacturers. Real-time data on elevator performance and maintenance needs can be shared with suppliers automatically, enabling them to proactively address issues and ensure timely delivery of spare parts.

Reflect

Best Elevator Project is a project that develops elevators to be more beneficial by using and implementing IoT devices. The main goals of this project are to increase customer loyalty and improve maintenance, product design, technician training, and some others.
At first, I thought that elevators did not need that many IoT devices and sensors, but after I did research on it, I found out that elevators contain many IoT sensors. Overall, after the professor explained it and told us to do research, it was very beneficial and it changed my thoughts about elevators.
