IOT Security

IOT SECURITY
VERSION: 1.2a
DATE: 24/10/2018
AUTHOR: SYLVAIN MARTINEZ
REFERENCE: ESC13-MUSCL
CLASSIFICATION: Public

2
• IOT definition;
• IOT trends,
• IOT innovation and
integration;
• Cyber security risks
• IOT contribution to
cyber security risk;
• Main risk overview;
• Security as an
afterthought;
• Embedded
vulnerabilities;
• Embedded backdoors;
• Unsupported devices;
• Unpatchable devices;
• Main impacts
overview;
• IOT used as a bot;
• IOT used to access
network;
• IOT used to
spy/attack you;
• IOT physical impact;
• IOT Self destruct
button;
• IOT security overview;
• Traffic analysis;
• Code analysis;
• Firmware analysis;
• Online search;
• Follow best practise;
CONTENTS
PUBLIC
FUTURESECURITYIMPACTRISKCONTEXT
• Future of IOT

IOT DEFINITION
3PUBLIC
THE INTERNET OF THINGS
ANY PHYSICAL OBJECT THAT CAN BE
CONNECTED TO THE INTERNET
Icons from the Noun Project unless specified otherwise

IOT TRENDS
4PUBLIC Source: information is beautiful

IOT INOVATION AND INTEGRATION
5PUBLIC Idea: information is beautiful

CYBER SECURITY RISK
6PUBLIC
GLOBALIZATION & DIGITALIZATION
ITSYSTEMRELIANCE
ATTACK
SURFACE
PAST FUTURE
100%
0%
TIME
GROWTH
MONEY & GEOPOLITICAL GAIN
THREATACTORSSKILLS
ATTACK
VECTORS
PAST FUTURE
100%
0%
TIME
GROWTH
ATTACK SURFACE
ATTACKVECTORS
CYBER
SECURITY
RISKS
PAST FUTURE
100%
0%
TIME
GROWTH
CYBER SECURITY RISKS’ PROBABILITY AND IMPACT ARE INCREASING.
THEIR ABILITY TO DISRUPT COMPANIES BUSINESS OPERATION HAVE GROWING
FINANCIAL, REPUTATIONAL AND LEGAL NEGATIVE CONSEQUENCES
SOURCE: ELYSIUMSECURITY LTD – Please refer to us when re-using this diagram
+ =

IOT CONTRIBUTION TO CYBER SECURITY RISK
7PUBLIC
GLOBALIZATION & DIGITALIZATION
ITSYSTEMRELIANCE
ATTACK
SURFACE
PAST FUTURE
100%
0%
TIME
GROWTH
SOURCE: ELYSIUMSECURITY LTD

MAIN RISKS OVERVIEW
8PUBLIC
SECURITY IS AN AFTERTHOUGH
EMBEDDED VULNERABILITIES
EMBEDDED BACKDOORS
UNSUPPORTED DEVICES
UNPATCHABLE DEVICES

SECURITY IS AN AFTERTHOUGHT
9PUBLIC
LOW
COST
LOW
RESOURCES
3RD PARTY RELIANCE
&
LOW PERFORMANCE
+
ADDED
SECURITY
=
PERFORMANCE IMPACT
&
HIGHER COST

EMBEDDED VULNERABILITIES
10PUBLIC
OLD LIBRARIES
& COMPONENTS
BAD CONFIGURATION OPEN PORTS

EMBEDDED BACKDOORS
11PUBLIC
P A S S W O R D 1 2 3
DEFAULT PASSWORDS DEBUG FUNCTIONS ”VENDOR” ACCESS

UNSUPPORTED DEVICES
12PUBLIC
SHORT LIFESPAN VENDOR
CLOSED
DIFFICULT
TO UPDATE
NO SUPPORT HELP

UNPATCHABLE DEVICES
13PUBLIC
ROM BASED
VULNERABILITY
OUT OF REACH PHYSICAL DANGER

MAIN IMPACTS OVERVIEW
14PUBLIC
USED AS A BOT/DOS
USED AS AN ENTRY TO YOUR NETWORK
USED TO SPY/ATTACK YOU
PHYSICAL IMPACT
PRODUCT DESTRUCTION

IOT USED AS A BOT
15PUBLIC
MIRAI, GAFGYT, AIDRA
MIRAI
• TELNET OPEN
• 61 DEFAULT PASSWORDS
• 1TBPS
• ROUTERS, IP CAMERAS, ETC.
ANIMATED MIRAI GIF FROM WIKIMEDIA

IOT USED TO ACCESS NETWORK
16PUBLIC
1
2
3
4
5
• IOT DEVICE INITIATES THE CONNECTION
• IOT CALLS “HOME”
• IOT BYPASSES FIREWALL PROTECTION
6
VENDOR IOT PROXY

IOT USED TO SPY/ATTACK YOU
17PUBLIC

IOT PHYSICAL IMPACT
18PUBLIC

IOT SELF DESTRUCT BUTTON
19PUBLIC
MIKROTIK ROUTER
RUSSIAN GOOD SAMARITAN PATCH
NOKIA HEALTH
SCALE REFUNDED AND DISABLED

IOT SECURITY OVERVIEW
20PUBLIC
TRAFFIC ANALYSIS
CODE ANALYSIS
FIRMWARE ANALYSIS
ONLINE SEARCH / SHODAN
SECURITY DESIGN BEST PRACTISE

TRAFFIC ANALYSIS
21PUBLIC
• INTERCEPT TRAFFIC
• LOOK AT PASSWORDS SENT
• LOOK AT ENCRYPTION
• LOOK AT TOKENS
USER VENDOR

CODE ANALYSIS
22PUBLIC
• CONNECT TO THE DEVICE
• INSPECT SOFTWARE INSTALLED
• LOOK AT SCRIPTS
• STRINGS IN BINARY
USER VENDOR
• NO DEFAULT PASSWORD
• NO BACKDOOR FOR SUPPORT
• CODE ANALYSIS TOOLS
• THREAT ANALYSIS TOOLS

FIRMWARE ANALYSIS
23PUBLIC
• EXTRACT FIRMWARE
• DISASSEMBLE FIRMWARE
• REVIEW MAIN FUNCTIONS
USER VENDOR
• FIRMWARE ORIGIN?
• ANALYSE SOURCE CODE
• PENTEST RESULTS REVIEW

ONLINE SEARCH
24PUBLIC
• GOOGLE SEARCH VENDOR
• SHODAN SEARCH DEVICE AND IP
• IS YOUR IP VULNERABLE?
USER VENDOR
• SHODAN SEARCH DEVICE
• WHITE PAPER REVIEW
• THREAT INTELLIGENCE

FOLLOW BEST PRACTISE
25PUBLIC
VENDOR
UK CODE OF PRACTICE FOR CONSUMER IOT SECURITY
1. NO DEFAULT PASSWORDS
2. IMPLEMENT A VULNERABILITY DISCLOSURE POLICY
3. KEEP SOFTWARE UPDATED
4. SECURELY STORE CREDENTIALS AND SECURITY-SENSITIVE DATA
5. COMMUNICATE SECURELY
6. MINIMISE EXPOSED ATTACK SURFACES
7. ENSURE SOFTWARE INTEGRITY
8. ENSURE THAT PERSONAL DATA IS PROTECTED
9. MAKE SYSTEMS RESILIENT TO OUTAGES
10. MONITOR SYSTEM TELEMETRY DATA
11. MAKE IT EASY FOR CONSUMERS TO DELETE PERSONAL DATA
12. MAKE INSTALLATION AND MAINTENANCE OF DEVICES EASY
13. VALIDATE INPUT DATA
https://www.gov.uk/government/publications/secure-by-design

FUTURE OF IOT
26PUBLIC
IOT FRAMEWORK
IOT REGULATION
IOT BREACH FINES
IOT INTEGRATION
IOT FUSION

© 2018 ElysiumSecurity Ltd.
All Rights Reserved
www.elysiumsecurity.com
ABOUT ELYSIUMSECURITY LTD.
ELYSIUMSECURITY provides practical expertise to identify
vulnerabilities, assess their risks and impact, remediate those
risks, prepare and respond to incidents as well as raise security
awareness through an organization.
ELYSIUMSECURITY provides high level expertise gathered
through years of best practices experience in large
international companies allowing us to provide advice best
suited to your business operational model and priorities.
ELYSIUMSECURITY provides a portfolio of Strategic and Tactical
Services to help companies protect and respond against Cyber
Security Threats. We differentiate ourselves by offering
discreet, tailored and specialized engagements.
ELYSIUMSECURITY operates in Mauritius and in Europe,
a boutique style approach means we can easily adapt to your
business operational model and requirements to provide a
personalized service that fits your working environment.

IOT Security

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to IOT Security

Similar to IOT Security (20)

More from Sylvain Martinez

More from Sylvain Martinez (20)

Recently uploaded

Recently uploaded (20)

IOT Security