Parlez-vous Machine?

Have you ever heard of the MQTT or CoAP protocols? No? Well the device on your wrist, and so many devices around you, could be using them right now. MQTT and CoAP are machine-to-machine or M2M protocols. With the rise of the internet of things (IoT) and operational technology (OT), there’s increased security focused on M2M protocols.

This is rough terrain for threat research because it takes some investment and time to investigate IoT, OT and M2M. But Trend Micro does what it takes when it comes to research, and our new report concludes that these M2M protocols are fragile and ripe for targeted attacks.

Not only are the protocols different, but so are the architectures that support them. MQTT has a broker that receives messages between agents, making it an interesting target for the bad guys. The report summarizes the exploit opportunities against a non-concurrent communication point that serves as the broker and includes specifics of the protocol and denial-of-service implications. CoAP is a client-server protocol that is not yet standardized. Not limited to consumer and general machinery, the report also addresses medical devices that use these, such as infusion pumps.

It’s likely that your current security products don’t support the analysis of MQTT and CoAP. Since simply worrying doesn’t help, the report provides guidance on what weaknesses are present and can therefore be monitored.

Most security attacks that occur today just ride on top of protocols rather than exploiting the protocols themselves. The bad news about MQTT and CoAP: Protocol weaknesses are the highest severity of attack because the hosts themselves don’t have to be compromised to attack a protocol vulnerability. Protocol weaknesses have mostly been an issue with cryptography, since the most commonly used protocols, such as the TCP/IP family, are well established and less vulnerable. And that, of course, is a core issue in OT security. These aren’t widely used or understood protocols, most aren’t TCP/IP based, and certainly only a few have had security researchers beat at them with hammer and tongs.

So, even if you aren’t responsible for SCADA and OT, M2M protocols are in consumer IoT devices and can be used as a path for lateral attacks into a corporate network.

To paraphrase Kent Brockman, “I for one welcome our new machine overlords.”