New research shows how easily LoRaWAN smart devices networks can be hacked

New research shows how easily LoRaWAN smart devices networks can be hacked
IoT News is a practical resource providing news, analysis and opinion on the burgeoning Internet of Things ecosystem, from standardisation, to business use cases, and development opportunities. We take the best research and put our own spin on it, report from the frontline of the industry, as well as feature contributions from companies at the heart of this revolution.

A new research paper from IOActive has found a host of cybersecurity issues in the LoRaWAN protocol that could put network users at risk of attacks.

The study, titled ‘LoRaWAN Networks Susceptible To Hacking: Common Cyber Security Problems, How To Detect And Prevent Them’, warned widespread disruption and even risk to life could occur in some extreme cases.

During their study, the IOActive researchers found the root keys usually used for encrypting communications between devices, gateways, and network servers are poorly protected most of the time and are easily obtainable through different methods by malicious hackers who may use these keys to send false data and conduct denial of service attacks.

The paper eventually found that, presently, there is no solution for an organisation to identify whether a LoRaWAN network is being or has been attacked or if an encryption key has already been compromised. Hence, IOActive has released a LoRaWAN Auditing Framework that enables users to audit and pentest the security of their infrastructure to reduce the impact of an attack, making sure that the LoRaWAN networks are deployed securely.

Recently, a study conducted by Swiss web security firm ImmuniWeb found that nearly all major airports in the world do not have any kind of security systems to protect their websites, mobile applications, and public clouds. However, during the research, the Amsterdam Airport Schiphol, Helsinki-Vantaa Airport, and Dublin Airport, were found to be three exceptions that passed all tests without one single major issue being detected.

You can read the full IOActive report here (pdf, no opt-in required).

Interested in hearing industry leaders discuss subjects like this? Attend the co-located 5G Expo, IoT Tech Expo, Blockchain Expo, AI & Big Data Expo, and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London, and Amsterdam.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *