Data Layer
Data in Transit (No Encryption)
Devices send data over MQTT, CoAP, or HTTP without encryption. Anyone on the network can read or modify it.
Real-World Use Case: A smart water meter system in a municipality was transmitting usage data over plain HTTP. Attackers intercepted and altered readings, affecting billing.
Mitigation:
- Use TLS (HTTPS, MQTT over TLS)
- Use DTLS for UDP-based protocols (CoAP)
- Enforce certificate validation and pinning
- Disable plaintext endpoints completely
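import ssl
import paho.mqtt.client as mqtt

# paho-mqtt 2.x: pass mqtt.CallbackAPIVersion.VERSION2 as the first argument
client = mqtt.Client()
# Mutual TLS: verify the broker against the CA and present the device certificate
client.tls_set(ca_certs="ca.crt",
               certfile="client.crt",
               keyfile="client.key",
               cert_reqs=ssl.CERT_REQUIRED,
               tls_version=ssl.PROTOCOL_TLS_CLIENT)
client.connect("broker.hivemq.com", 8883)  # 8883 = MQTT over TLS
client.loop_start()                        # start the network loop before publishing
info = client.publish("iot/sensor", "secure message")
info.wait_for_publish()                    # wait until the message has been sent
client.disconnect()
client.loop_stop()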
- ca.crt: Certificate Authority (CA) certificate. The device uses it to trust the broker, and the broker uses it to trust devices.
- client.crt: the device's identity (sent to the broker)
- client.key: the private key that proves the device owns that identity
Data at Rest (Unencrypted Databases)
Problem:
- Data stored on devices, gateways, or cloud is not encrypted.
- Anyone with access can extract it.
Real-World Use Case: In 2020, a smart door lock vendor left unencrypted SQLite DBs in devices. Attackers extracted access logs and user PINs directly from flash memory.
Impact:
- Credential theft
- Sensitive data exposure
- Device compromise
Mitigation:
- Enable AES-based encryption for device-side storage
- Use full-disk encryption on gateways or fog nodes
- Enforce encryption at rest (e.g., AWS KMS, Azure SSE) in cloud databases
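from cryptography.fernet import Fernet

# Fernet = AES-128-CBC plus HMAC-SHA256 (authenticated encryption)
key = Fernet.generate_key()  # keep the key in a secure element or KMS, not beside the data
cipher = Fernet(key)

data = b"temperature=25"
encrypted = cipher.encrypt(data)       # token to write to flash or a database
decrypted = cipher.decrypt(encrypted)  # raises InvalidToken if the token was modified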
Insecure Cloud Storage (e.g., Public S3 Buckets)
Problem: Cloud object storage like AWS S3 or Azure Blob often gets misconfigured as public, leaking logs, firmware, or user data.
Real-World Use Case: A fitness tracker company exposed terabytes of GPS and health data by leaving their S3 bucket public and unprotected — affecting thousands of users.
Mitigation:
- Use least privilege IAM roles for all cloud resources
- Audit and scan for public buckets (AWS Macie, Prowler)
- Enable object-level encryption and access logging
- Set up guardrails and policies (e.g., SCPs, Azure Blueprints)
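One way to run the "audit for public buckets" step over exported bucket settings, as an added example that is not code from the original page. The function names, bucket name and account ID are constructed for illustration; the input shapes follow the S3 bucket policy JSON, ACL grant and Public Access Block structures.

```python
import json

# Grantee URIs that S3 ACLs use for "anyone" and "any AWS account holder"
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} style wildcards."""
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return principal == "*"

def audit_bucket(name, policy_json=None, acl_grants=(), public_access_block=None):
    """Return (bucket, kind, detail, exposed) findings; an empty list means nothing flagged."""
    pab = public_access_block or {}
    policy = json.loads(policy_json) if policy_json else {}
    findings = []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _wildcard_principal(stmt.get("Principal")):
            continue
        # Simplification: a Condition may narrow access, so flag it for manual review
        kind = "public-policy-conditional" if stmt.get("Condition") else "public-policy"
        actions = ",".join(_as_list(stmt.get("Action", "?")))
        # RestrictPublicBuckets blocks anonymous use of a public policy
        findings.append((name, kind, actions, not pab.get("RestrictPublicBuckets", False)))
    for grant in acl_grants:
        if grant.get("Grantee", {}).get("URI") in PUBLIC_GROUPS:
            # IgnorePublicAcls makes S3 disregard public ACL grants
            exposed = not pab.get("IgnorePublicAcls", False)
            findings.append((name, "public-acl", grant.get("Permission", "?"), exposed))
    return findings

# Constructed sample inputs (bucket name and account ID are made up)
PUBLIC_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-telemetry/*"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:role/ingest"},
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::example-telemetry/*"}]})
PUBLIC_ACL = [{"Grantee": {"Type": "Group",
               "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]

if __name__ == "__main__":
    for finding in audit_bucket("example-telemetry", PUBLIC_POLICY, PUBLIC_ACL):
        print(finding)
```

A finding with exposed set to False still marks a misconfigured policy or ACL; it is only being masked by the Public Access Block guardrail.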
Lack of Data Integrity Checks
Problem: Without integrity checks, even if data is encrypted, an attacker can alter it in transit or at rest without detection.
Real-World Use Case: A smart agriculture system relied on soil sensor readings to trigger irrigation. An attacker tampered with packets to falsify dry-soil readings, wasting water.
Mitigation:
- Use a Hash-based Message Authentication Code (HMAC) with a shared secret, or digital signatures
- Implement checksums or hashes (SHA-256) on stored data
- Validate data consistency across nodes/cloud with audit trails
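import hashlib
import hmac

secret = b"key"  # demo value; use a long random per-device secret
message = b"sensor_data=25"

# Sender: compute the signature that travels with the message
signature = hmac.new(secret, message, hashlib.sha256).hexdigest()

# Receiver: recompute over the received message and compare in constant time
valid = hmac.compare_digest(
    signature,
    hmac.new(secret, message, hashlib.sha256).hexdigest()
)
print(valid)  # True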
Sender:
- Generates HMAC using secret key
- Sends: message + signature
Receiver:
- Recomputes HMAC using same key
- Compares it with the received signature