Much like Eleven and the gang, we at BinaryEdge sometimes are confronted with real monsters. Unlike in the series "Stranger Things" however, the monsters we're faced with take different shapes. Our monsters are usually found in the shape of weird things people connect to the internet. Often we're asked "What is the craziest things you guys have found connected to the internet?" In this talk we intend to answer and show exactly that. If you've seen our previous talks and/or read our "World Security Report" for 2016 (ise.binaryedge.io) you know that we have found some of the weirdest things online. From water dams, to electricity grids, and nuclear laboratory sensors, people simply love connecting things to the internet. And in this talk, we are going to explore the top "things" we've found exposed, talk about the different protocols they use and also allow YOU live on talk to search for your own things! On this talk we will also release our 2017 report, where we show how we detected some of the NSA tools such as Double pulsar. We will also make an interesting reveal on this topic. :)

1. BinaryEdge.io
Be Ready. Be Safe. Be Secure.

2. Focus on Cybersecurity,
Data science and Machine
learning. Scale via software,
automation and re-usable
technology.
HEADQUARTERS
ENGINEERING TEAM
ENGINEERING TEAM
ZÜRICH, SWITZERLAND
BINARYEDGE

3. OVERVIEW
Look at things that are on the internet and that shouldn’t be there
Scare you enough that if you see someone putting something on the in-
ternet that they shouldn’t, you would stop them!
AGENDA
OBJECTIVE

4. WHO ARE WE?
Tiago is the CEO and Data necromancer at
BinaryEdge however he gets to meddle in the
intersection of data science and cybersecurity
by providing his team with lovely problems
that they solve on a daily basis.
Tiago Henriques

5. EXPOSING THINGS TO THE INTERNET
Types of exposure
People Organization

6. BINARYEDGE

7. INTERNET OF SHIT

8. MQTT
MQTT
MQTT Broker
Hospitals Payment
information
ChatsPower stations Coffee makerCar GPSRadiation
meters
Prisons MMORPG data SensorsAlarms Power meters Mobile phones
tracking software
publish
subscribe
subscribe
subscribe
We found
37,514
active
MQTT brokers
How it works and what is out there

9. MQTT - NUCLEAR

10. MQTT - HOSPITALS

11. MQTT - PATIENTS

12. MQTT - OWNTRACKS - PRIVACY?

13. MQTT - OWNTRACKS

14. MQTT - OWNTRACKS

15. MQTT - OWNTRACKS

16. MQTT - OWNTRACKS

17. MQTT - POWER

18. MQTT - SMS

19. MQTT - PHONE BACKUP

20. RDP, VNC, X11 - POWER

21. RDP, VNC, X11 - POWER

22. RDP, VNC, X11 - POWER

23. RDP, VNC, X11 - POWER

24. RDP, VNC, X11 - POWER

25. RDP, VNC, X11 - GAS

26. RDP, VNC, X11 - GAS

27. RDP, VNC, X11 - GAS

28. RDP, VNC, X11 - GAS

29. RDP, VNC, X11 - GAS

30. RDP, VNC, X11 - PRESCRIPTIONS

31. RDP, VNC, X11 - HOSPITALS

32. SCADA - WHAT IS?
SCADA (Supervisory Control and Data Acquisition is an industrial automation control system.
SCADA systems can be used in different industries
Energy
Food and beverages
Power Oil and gas
RecyclingTransportation
Water

33. SCADA - PROTOCOLS
BACnet
47808
S7
102
cspv4
2222
dnp3
20000
ATG
10001
modifcon
502
enip
44818
fox
1911
omron
9600
proconos
20547
codesys
1200
pcworx
1962
codesys
2455

34. SCADA

35. SCADA

36. SCADA

37. SCADA

38. SCADA

39. SCADA

40. NSA

41. DOUBLEPULSAR
Doublepulsar infection count: April 2017
date
numberofinfections

42. COLLABORATION

43. SECOND NSA TROJAN
23
World count

44. BASIC RULES OF THE GAME
update/ patch
segregate/ firewall
have a minimum of common sense

45. BE READY. BE SAFE. BE SECURE.
BinaryEdge AG
Freigutstrasse 40,
8001 Zurich
Switzerland
info@binaryedge.io
www.binaryedge.io
+ 41 78 713 40 00
CONTIGENCY THREAT SAFE IRRELEVANT