Data security in iot devices

Slides:



Advertisements
Similar presentations
Securing A Wireless Home Network. Wireless Facts Range about feet from access point Security anyone can eavesdrop on an unsecured wireless network.
Advertisements

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Secure SharePoint mobile connectivity
Guanjong High School Group 2. Physical Network Access Security Getting into a network closet could easily allow someone to disable computers and connect.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Wireless Security Focus on Encryption Steps to secure a Wi-Fi Network.
Securing a Wireless Network
Threats to I.T Internet security By Cameron Mundy.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
 Security and Smartphones By Parker Moore. The Smartphone Takeover  Half of mobile phone subscribers in the United States have a smartphone.  An estimated.
CTSP TRAINING Router 101 And Networking Basics. You Don’t Need Internet Access to Run or Connect your devices to an Ethernet switch or Router Enable DHCP.
1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Convenience product security Collin Busch. What is a convenience product? A convenience product is a device or application that makes your life easier.
Engineering Secure Software. Agenda  What is IoT?  Security implications of IoT  IoT Attack Surface Areas  IoT Testing Guidelines  Top IoT Vulnerabilities.
Computer Security By Duncan Hall.
Securing A Wireless Home Network. Simple home wired LAN.
Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.
Cybersecurity Test Review Introduction to Digital Technology.
Windows Administration How to protect your computer.
1 #UPAugusta Today’s Topics What are Deadly IT Sins? Know them. Fear them. Fix them. #UPAugusta201 6.
Kaspersky Small Office Security INTRODUCING New for 2014!
Brianne Stewart.   A wireless network is any computer network that is not connected with a cable  Many homes use this type of internet access  Less.
1 E-Site - FTP Services Setup / install guide. 2 About FTP services can run on any desired port(s) Runs as a windows service Works for all sites installed.
Lecture 19 Page 1 CS 236 Online 6. Application Software Security Why it’s important: –Security flaws in applications are increasingly the attacker’s entry.
NETWORK SECURITY. What do you see THE IMPORTANCE OF SECURITY THE ARE WEBSITES ON THE INTERNET COULD INFORM PEOPLE THE RANGE AND AVAILABLE UNSECURED SITES.
PROTECTING YOUR DATA THREATS TO YOUR DATA SECURITY.
Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.
Teaching Security of Internet of Things in Using RaspberryPi Oliver Nichols, Li Yang University of Tennessee at Chattanooga Xiaohong Yuan North Carolina.
Why Does The Site Need an SSL Certification?. Security should always be a high concern for your website, but do you need an SSL certificate? A secure.
November 14, 2016 bit.ly/nercomp_defendingyourdata16
CompTIA Network+ Certification Exam
Are our smart devices really that smart ?
International Conflict & Cyber Security
chownIoT Secure Handling of Smart Home IoT Devices Ownership Change
What they are and how to protect against them
Koji Nakao, Dai Arisue NICT, Japan
Internet of Things (IoT)
Introduction to Operating Systems
Port Knocking Benjamin DiYanni.
Unit 4 IT Security.
Instructor Materials Chapter 7 Network Security
IoT devices as an attack vector
Security and Smart Home Devices: How Safe Is Your Home?
TASHKENT UNIVERSITY OF INFORMATION TECHNOLOGIES NAMED AFTER MUHAMMAD AL-KHWARIZMI THE SMART HOME IS A BASIC OF SMART CITIES: SECURITY AND METHODS OF.
Secure Software Confidentiality Integrity Data Security Authentication
EN Lecture Notes Spring 2016
Lesson Objectives Aims You should be able to:
Pulse: An Adaptive Intrusion Detection System for the Internet of Things (IoT) Good morning every one , I will give you a brief overview of the work my.
Introduction to Networking
CompTIA Network+ Certification Exam
Advanced Security Architecture for System Engineers Cisco Dumps Get Full Exam Info From: /cisco-question-answers.html.
The Hacking Suite for Governmental Interception
Internet of Things
The security and vulnerabilities of IoT devices
Intercept X for Server Early Access Program Sophos Tester
Cybersecurity Concepts for Engineers
Topic 5: Communication and the Internet
The Internet of Unsecure Things
Uplink Broadcast Service
IoT Security – fel vagyunk rá készülve?
Cyber Security Challenges
Cybersecurity and Cyberhygiene
Unit 32 Every class minute counts! 2 assignments 3 tasks/assignment
Convergence IT Services Pvt. Ltd
Marcial Quinones-Cardona
6. Application Software Security
Botnet of Things: Cybersecurity
Cleaning Up the Internet of Evil Things
Presentation transcript:

Data security in iot devices Aj DeTorrice

What is an “iot” device? An IoT device refers to the vastly expanding network of internet connected devices other than laptops, desktops, and smartphones. Researchers estimate that by 2020 there will be more than 26 times more connected IoT devices than people on Earth.

Why is security an issue? Security costs money Many IoT device manufacturers are willing to cut corners on security to meet budget requirements for a project Many of these devices are constrained in terms of memory, storage, and processing – making encryption-heavy security approaches harder to implement These devices often control critical devices such as smoke detectors and door locks

A real issue: smart cars In 2015, security researchers successfully hacked into a 2014 Jeep Cherokee and were able to turn the steering wheel, disable the breaks, and shut down the engine. Used Uconnect as an attack vector

Why are IOT devices targeted? Always on – IoT devices are rarely turned off Many manufacturers shy away from security in favor of usability IoT devices aren’t checked on by users – “setup and forget” There are millions of them – this allows for a significant amount of DDoS traffic from these devices Users don’t interact with their devices actively – less likely to notice a hijacker

Mirai botnet In 2016, Mirai was used to take down Dyn, a dns provider for several hours – blocking many popular sites such as Twitter, Netflix, and Reddit from end users – over 1Tbps Simple to gain access to these IoT devices – many have default username/password combinations

Mirai botnet overview Brute forces its way into poorly configured IoT devices Upon gaining a shell, forwards to the report server Via the C&C server, the controller can authorize a download of the malicious binary After executing the malware, the controller can use the C&C server to attack a target server

Vulnerabilities extend to “home security” devices Opticam i5 – had hardcoded passwords for both the web UI and the built in FTP server ASL-01 smartlocks – guest access can be used to get irrevocable admin access If someone bought a used smartlock, the previous owner or guest of a previous owner can unlock it “75% (of the locks tested) could be hacked relatively easily, and one reported to have great security could actually be broken into with a screwdriver”

Replay attacks Many IoT devices do use encryption, but fail to discard keys. When an encrypted signal is sent to the device, an attacker can listen in and record said signal, then replay it back to the device to gain access.

How can users secure their own devices? If possible, change passwords from their default Don’t allow these devices on a network with important systems/files Don’t use these devices