Identity, Please?

Longtime readers know my fondness for the story of the grocery store owner. Through her desire to lower her power bills, we were provided a view into the types of problems that IoT and Edge can solve - even in a small family-owned grocery store. (If you missed the saga - check out Part 1 and Part 2!)

Life has been good for our store owner. Over time, the power company's tax credits saved her enough money to do something she always dreamed of: opening a second store across town built and designed by her! Since she was creating the store herself, she accounted for the "smarts" brought by the IoT equipment. She even took it a step further and built a control room to pipe the data from both her new and original store. She can finally take back her office from those programmers.

After months of construction, her store opened! She staffed her control room during business hours and utilized a cloud-based analytics application (think PowerBI) to monitor off-hours from home.

Life is great - let's throw a wrench in it.

On a calm Monday, our owner noticed that the rate of data flowing from the original store dropped drastically. Did one of the refrigerators explode?! She rushed back to the store and saw that someone from her tech team was already working on it (thanks, cloud monitors ;) ). He described to her that one of the IoT Edge nodes failed - this happens as these devices run all day, every day. He suggested contacting the manufacturer of their IoT device suite to provide a replacement - no big deal!

Fifty or so dollars and a day later, the replacement arrived and was installed! Thanks to technologies like a cloud-based provisioning service and digital twins, the new device booted and was configured the same as the old device. Shockingly easy!

Over the next few weeks, the tech began to notice something peculiar - while the rate of IoT data returned to expected numbers in the cloud, the data throughput on the building's internet connection was high. Not high enough to blame the late shift for watching Netflix, but high enough to notice.

He inspected it further - it appeared that the newly installed Edge device was sending each point of streaming data to two targets.

How is this possible? The device was unboxed in-store and provisioned to be a digital clone of the faulty equipment. No configuration should be different. Moreover, when he connected to the tiny computer, no setting had been changed. It was a complete replica of the original.

Inspecting the Edge device, he noticed that something was different, physically. It looked off.

Our grocery store fell victim to an increasingly common attack in IoT - tampered/modified devices being added as replacements (or net new) and given rights to a company's network. They are blindly trusted as companies order large quantities.

Who has time to inspect each device when one is installing thousands at a time? Is there a way to protect against this?

Find out next time! We will unwind these events and start back at when the device was cloud provisioned - the moment it was powered on.

Kevin