Cybersecurity of Internet of Things – Risks and Opportunities

Slides:



Advertisements
Similar presentations
Presentation. Short intro Ocean service Ltd is a producer of dosing systems for laundries and dishwashing machines. We are the biggest professional detergent.
Advertisements

Building an Application Server for Home Network based on Android Platform Yi-hsien Liao Supervised by : Dr. Chao-huang Wei Department of Electrical Engineering.
Rapid Mobile Development Enterprises are having a tough time keeping up with the demand for mobile apps. With these growing demands, businesses are expecting.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
Enforcing Cyber security in Mobile Applications – Public Sector Use Case SAPHINA MCHOME, VIOLA RUKIZA TANZANIA REVENUE AUTHORITY INFORMATION AND COMMUNICATION.
Chapter 7 Part 2 Networks. Why would I ever consider a wired network connection over a wireless? – Wireless signals are more susceptible to interference.
IoT BBQ Carve Systems. Outline About us (Carve) About IoT Our IoT assessment methodology The Sacred Tenants of IoT Security Some bugs IoT IRL.
Overview We are living in a technological world and rapidly advancement in all the different fields of science. With the development in the technology.
PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.
Google. Android What is Android ? -Android is Linux Based OS -Designed for use on cell phones, e-readers, tablet PCs. -Android provides easy access to.
Promwad designs health and fitness gadgets by request
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 Smart Speaker Market to hit.
November 14, 2016 bit.ly/nercomp_defendingyourdata16
Interfaces 101 Interfaces provide connectivity for the drawers to virtually any POS device (printer, terminal, tablet etc.) in the industry.
The Connected Home Frank May 10/20/2016.
Voice Controlled Robot by Cell Phone with Android App
Smart Living Ali Hosseini / SenRa.
CYBERSECURITY SOLUTIONS
Remarks by Dr Mawaki Chango Kara University DigiLexis Consulting
Fundamentals of Information Systems, Sixth Edition
Internet of Things (IoT)
CT1503 Network Operating System
Firmware threat Dhaval Chauhan MIS 534.
Smart Retail Digital Store.
IoT as an Attack Vector The DDoS Game Changer!
Smart home introduction
IT Security Goes Organic
Monetizing IoT in India
Intelligent IVI with AI
Instructor Materials Chapter 7 Network Security
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
Honeypot in Mobile Network Security
ITIS 6200/8200: HCIP 6200 Principles of Information Security and Privacy Dr. Weichao Wang.
Hello, Today we will look at cyber security and the Internet of Things and how it could impact our business.
GCSE ICT Revision Topic 2: Connectivity.
Pulse: An Adaptive Intrusion Detection System for the Internet of Things (IoT) Good morning every one , I will give you a brief overview of the work my.
National Mining University
Cyber Security Challenges & Opportunities.
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 IP Camera Market to surpass.
ETS Inside Product Launch
Internet of Things
Cyber intelligence made easy.
The Internet of Things (IoT) and Analytics
Smart Office Market
Augmented Reality & Virtual Reality An Escape into the World of Fantasy According to research, by 2020 AR/VR market could hit $ 150 Billion. Both Google.
How Cyber Security vulnerabilities will shape the future of Healthcare Sector Globally?
Virtual Private Network (VPN) Market
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Fuel Cell Market size worth $25.5bn by 2024 IoT Device Management Market.
The security and vulnerabilities of IoT devices
McAfee Total Protection 2018 Protection for PC, MAC, Smartphones and Tablets.
Risk of the Internet At Home
Challenges and Opportunities
Internet of Things (IoT)
Internet of Things Vulnerabilities
Standards for the Internet of Things
Network Security for your Business
Hacking the Human Body? Cyber-Bio Crossover: Implantable Medical Device (IMD) Hacking Rebecca Earnhardt, Researcher / Project Manager UMD START-Unconventional.
The Internet of Unsecure Things
Securing the Internet of Things: Key Insights and Best Practices Across the Industry Theresa Bui Revon IoT Cloud Strategy.
Data security in iot devices
Tareq Khan, Ph.D. Assistant Professor,
Wireless networking Rytis Garbauskas.
Internet of Things (IoT)
Designed by Hwandong Joo
Welcome to The World of Internet of Things
Trust by Design: The Internet of Things
5G as a Social Infrastructure Chaesub LEE, Director, ITU
SECURITY IN THE DIGITAL AGE
IoT in Healthcare: Life or Death
Presentation transcript:

Cybersecurity of Internet of Things – Risks and Opportunities Alexandre Karlov, JINR 29.09.2017 1

The Internet not only brought bridges between people, countries and continents, but also brought the criminals closer to the victims. The Internet of Things has further strengthened the latest trend.

Internet of Things = Internet + Things Internet is “a global network connecting many billions of hardware devices, providing a variety of information and communication facilities and consisting of interconnected networks using standardized communication protocols”

“Things” refers to any physical objects that has its own IP address and can connect to a network to send/receive data via network – “smart” things. The term "the Internet of Things" was coined by Kevin Ashton in 1999.

Source: McKinsay

Some of the “Smart” Applications Smart Home Industry Automation Smart Medicine Smart City

Smart Home System Architecture

- HD WiFi security camera - Sound machine The First All-in One Voiced Controlled Smart Baby Monitor That Grows with Your Child - Baby monitor - Speaker - Smart light - HD WiFi security camera - Sound machine “Aristotle” is using artificial intelligence, natural language interactions and Internet of Things technologies to create a cloud-connected platform for Junior’s nursery. https://www.usatoday.com/story/tech/columnist/baig/2017/01/03/mattel-brings-artificial-intelligence-and-internet-things-into-kids -rooms/96081330/

Wearable “smart” gadgets Fitness trackers, body mounted cameras, smart watches, heart rate monitors, virtual reality glasses, GPS tracking device, etc.

Do you say the first: “I need my T-shirt to tell me about air pollution” No: This is manufacturer who is looking for the new market area to get a profit.

Now: At many cases manufacturer creates demand !!! Demand creates supply ??? Now: At many cases manufacturer creates demand !!!

The Dangers of Smart Medicine Black Hat Hacker Says Insulin Pump Maker Medtronic Belittles Security Flaw Diabetic security researcher Jerome Radcliffe, who hacked his insulin pump at Black Hat, accused Medtronic of not taking security of its devices or his research seriously…There is no way for the pump to identify which commands come from a trusted system and which are malicious. With his technique, it is possible to program a special remote control to command strangers' pumps to dispense the wrong dose of insulin, which could have fatal consequences if diabetics are given too little or too much. eWeek, August 25, 2011 By: Fahmida Y. Rashidhttp://www.eweek.com/security/black-hat-hacker-says-insulin-pump-maker-medtronic-belittles-security-flaw What Dick Cheney's Heart Teaches Us About Security “….Former U.S. Vice President Dick Cheney admitted that he was worried hackers could hack his heart….Cheney’s Cardiologist, Dr. Jonathan Reiner, ordered that the heart defibrillator's wireless features be disabled for fear that a hacker could somehow get access and kill Cheney…..” . eWeek, October 21, 2013 By: Sean Michael Kerner http://www.eweek.com/blogs/security-watch/what-dick-cheney-s-heart-teaches-us-about-security

21 octobre 2016 – 7 am ET More than 70 Services only in USA were blocked (BBC, CNN, Fox News, PayPal, VISA, etc) 17

BOTNET - based DDoS attack Reason ? BOTNET - based DDoS attack ROBOT + NETWORK Special feature: Using the Internet of Things

Building Blocks of “smart thing” CPU, ROM, PROM, RAM Communication Library, Protocol Smartphone, Tablet, Cloud “Red” – are the sensitive points for unauthorized access Widespread use of default passwords and unpatched firmware mean that compromising the devices is relatively easy for the attacker

ZigBee Wireless Protocol (Toshiba, Philips, Huawei, Sony, Siemens, Samsung, Motorola, and many more ….) Standart: IEEE 802.15.4 Application: Industrial, medical, scientific, home .... Physical range: 10 – 20 meters (max up to 100)

ZigBee protocol ZigBee is a popular smart-home wireless communication standard used by the majority of Internet of Things (IoT) devices today. ZigBee protocol, which lets IoT devices talk to each other, is implemented by major vendors including Toshiba, Philips, Huawei, Sony, Siemens, Samsung, Motorola, and many more. The worse part pointed out by the researcher is that there is nothing users could do to make their smart devices more secure, and since the flaw affects a broad range of devices, it's quite unclear how quickly vendors will come up with a fix.

ZigBee Chain Reaction The worm spreads by jumping directly from one object to its neighbors, using only their built-in ZigBee wireless connectivity and their physical proximity.

Bluetooth Distances for Bluetooth devices depend very much on the environment. In tests at Brain Boxes labs distances of over 200m were achieved with line of sight and 30- 35m in a typical office environment.

8 billion devices worldwide. Security researchers from Armis found (September,2017) eight vulnerabilities in Bluetooth implementations (Android, iOS, Windows and Linux) used by more than 8 billion devices worldwide. The set of vulnerabilities was called BlueBorne.

Smart Devices can be reprogrammed by criminals

As a result: tens of millions of the smart devices can be organized in a powerful botnet to send many millions of malicious requests to victim.

Malicious requests from tens of millions of IP addresses Dyn Servers 1,2 1.2 TB/sec Domain Name System Infrastructure Malicious requests from tens of millions of IP addresses

Shodan, Censys, etc… scanners It is quite easy to locate vulnerable devices and hack them by using search engines like Shodan and Censys. “Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams. ….. The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, front gardens, back gardens, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores …..” (by exploiting the Real Time Streaming Protocol, RTSP, port 554)

Vulnerabilities of IoT: Why ? (1) There are no standards or mandatory official recommendations for the security of the Internet of Things, because of the huge variety of devices. There are no legislative acts regulating responsibility between the manufacturer, the seller and the client in case of incidents with a device connected to the network Manufacturers, trying to reduce their costs, radically save on security.

Vulnerabilities of IoT: Why ? (2) For most users, low cost is much more important than security. Users do not consider themselves to be a serious target for intruders and do not even care about recommended security measures (strong passwords, patch updates, certified downloads)

When you connect to the Internet, the Internet connects to you !

A drone hacks a room full of smart lightbulbs

Thank you ! Questions ? 33

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.