The LoRaWAN protocol has become standard in the world of industrial IoT because of its support for low-power wireless devices over long distances and its end-to-end encryption technology. However, bad implementations and security flaws make the protocol a real blind spot in the fraught world of IoT security, as LoRaWAN is easily susceptible to threats that could cause widespread disruption and even destruction if it’s not implemented correctly, IOActive researchers have found.
LoRaWAN, or Long Range Wide Area Networking protocol, allows low-powered devices to communicate with internet-connected applications over long-range wireless connections. Users and developers of IoT devices in smart cities, industrial IoT, smart homes, smart utilities, vehicle tracking and healthcare have widely embraced the protocol because of the false sense of security its encryption provides, according to a report
by IOActive released Tuesday.
In reality, LoRaWAN encryption keys are easily obtained by a savvy hacker to conduct DDoS attacks and send false data to networks, researchers have found. Moreover, it’s currently impossible for organizations to know if a LoRaWAN network is under attack or if an encryption key has been compromised, making defending such attacks perilous, they said.
threatpost.com
