[MUSIC] So security is a huge challenge for IoT devices. There's issues with the software writing on them, keeping them up to date. There's a lot of new code on these things that haven't been widely tested, so they have vulnerabilities in them. And there's also a problem because they're often deployed in environments where there's not someone there watching. When you have an office building and you have your Honeywell thermostats all over the place, you have humans kind of going up to them, touching them, doing things with them. And so, physical security is a big challenge for IoT, and we're going to talk about that next. We're going to start off by talking about particular challenge with IoT security, which is tapping. So the idea with tapping is if you have a device or you have a wire, and you want to kind of get information out of it or put information into it, if you have physical access, there's certain ways to kind of read information out of it just by leveraging electromagnetic interference. This is called tapping. So one really simple form of this is you have a wire that's being used for communication. Just strip it, strip out the outer sheath and clamp onto it and read the data right off of it. And this works pretty well for a lot of communications. So you can do things like encryption. You can hide data. But there's also been a lot of studies that show even if you encrypt, you can look at things like packet sizes, you can look at when packets are sent. And you could actually figure out a lot of information just by kind of watching the data going across, even if it's encrypted. So encryption doesn't really solve this problem. So this is one way to tap. Now, you can protect against this. You can kind of use stronger sheaths and things like that. But unfortunately, there's ways around that because there's ways to tap without even stripping the cable, without even touching the wire. And one way to do that is to read the electromagnetic interference off the wire by simply taking another wire and kind of wrapping it around the first wire. So this is another kind of tap. So in general, there's different ways to kind of tap wires. And one way to do it is by using a conductive tap where you form a conductive connection with your cable. Another way to do it is to use an inductive tap where you passively read the signal from Induction. And the kind of scary thing about this is there's no need for any direct physical contact. If there's a device, it might be physically enclosed, you might have a thermostat or something like that with the hard plastic shell, but you can kind of go through it with a reader and you can kind of read information right off of it. So these sorts of taps are harder to detect. It's hard to do with non-electric conductors like fiber optics. So that's one way to protect against these things. But a lot of times you can't use fiber optics, you have to use just regular transmissions, and so that's a challenge. And there's been a lot of studies that show that you can get a lot of information out of inductive taps. There's even ways to do this with electromagnetic signals. So there's these Wi-Fi cameras people are building where you can have a house and you can have all your windows closed, but people can see you in the house because Wi-Fi signals are just bouncing off you. And those things go through walls. And so, someone can kind of watch you and see what you're doing inside your house by kind of reading these signals. And they can kind of see what's on your monitor even if they're behind a wall because an Signal's kind of leaking off your monitor. So inductive tapping can be a really powerful thing to do, and people are getting really good at it. So you want to protect your devices and your deployments against these sorts of things. So there are some countermeasures to this. There's things like physical inspection. You can kind of go around, inspect your perimeter. Establish a physical perimeter and prevent people from kind of getting in. You can always do that. There's also things like physical protection. You can kind of take your cable, put it in a pipe and put pressurized gas in there. So that way, you know if someone's getting into your cable because the pressurized gas will leak, you'll detect a gas leak. You could also use a faster bit rate. If you send data faster, it actually makes it harder to tap. Because if you send it the maximum transmission rate of the cable, you need more sophisticated electronics to read it off. You can also monitor the electrical properties of the cable. Because if you have a cable and someone's tapping it, they're kind of sucking some electricity off the cable. So you can detect that, you can see how much electricity am I using to send. And does that amount of electricity kind of go up, does the resistance of the wire suddenly increase? That might be a sign someone's tapping. There's also kind of more advanced forms of this. There's something called time domain reflectometry, which we'll talk about. Which is kind of like a radar for wires where you can actually detect properties of tapping. And there's things like power monitoring a spectrum analysis where you kind of watch properties of the cable, look at reflections through the cable and things like that. So you can do these things to kind of figure out if someone's tapping you. So to kind of make this more real, I want to talk about one famous story about tapping that's called the Ivy Bells event. And what happened here was back in the 1970s there was the United States and the Soviet Union which were having a Cold War. These are two very powerful countries, a lot of intelligence and a lot of power to do things. And what the Soviet Union did is they had a naval base that was located in an island. And they ran some undersea cable over to that island to kind of communicate with it so they could send messages to them and so on. And the United States Navy found out about this. And so, in 1971, the CIA in the United States and the NSA conducted a joint operation to try and tap this cable. And they were thinking about it, and they thought we probably shouldn't cut it open because they'd probably detect that. And so, what they did is they installed this tapping device which used induction to read signals off the cable. And a picture of it is shown below here in the lower-right. It was a coil-based design, and it wrapped around the cable. And it was huge, it was three feet long. And so, what they did is they sent it down there, and it recorded signals that were sent across the cable on tapes. And they sent divers down there once in a while to collect the tapes. And luckily, communication on the cable was unencrypted because people weren't really doing this sort of thing back then, they weren't encrypting. So they were able to read data off the cable pretty easily. And so, divers would go down and collect these tapes. And this actually worked pretty well. So in 1972, Bell Labs was commissioned to generate a more powerful tapping device, which was 20 feet long and weighed six tons and had a nuclear power source to keep it running. So that would run. And it worked for over a decade. It wasn't detected by the Soviet Union. And when it was detected, it wasn't detected by people inspecting the cable. It was directed by a spy from the United States informing the Soviet Union about that. So tapping cables can be a very powerful thing to do. And cable tapping operations have continued since then. If you kind of read about this, there's all sorts of events like this that have happened in the Pacific Ocean and the Mediterranean. There is a ship in the United States Navy that has been refitted to accommodate tapping equipment, and it's received presidential commendations every year from 1994 to '97. We don't really know what it's doing officially since that's classified, but it's doing something. And so, these sorts of activities continue in operation today, but targets since 1990 remain classified. So what I've done here is I've kind of talked about tapping, and hopefully kind of made it real by talking about submarine cable. And the thing to kind of take away is that these sorts of tapping scenarios might sound far-fetched, but they're things that happen a lot in practice. And when you deal with physical security like you do a lot in IoT, you need to protect yourself against these sorts of attacks by using these sorts of countermeasures.
