internet of things a hacker perspective ieee cyber science ... · internet of things a hacker...

Report

Post on 08-Jun-2020

4 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

INTERNET OF THINGS

A HACKER PERSPECTIVE

IEEE CYBER SCIENCE 2018

JENS MYRUP PEDERSEN, JENS@ES.AAU.DK

ASSOCIATE PROFESSOR, AALBORG UNIVERSITY

Internet of Things is here!

Smart city, smart transport, smart industry, smart grid…

“Life can only be understood backwards, but it must be

lived forwards”• But can we learn anything from Mirai?

IoT is today an easy target…

And even professional systems are largely unsecure

The threat from cyber does not stand alone

• A successful attack requires motivation, knowledge, resources.

• Crucial to understand the attackers: Different attackers, different goals.

Nation states: Strategic goals

Nation states: Strategic goals

Cyber criminals: For profit…

• Ransomware.

• Information theft (identities, credit cards, financial records, pictures).

• Other kinds of blackmail (e.g. using private or confidential information).

• Crypto currency mining.

Cyber criminals – for profit…

What can we expect in the future?

• People LOVE their cheap IoT devices. Also tomorrow.

• Increasing dependencies on IoT.

• Increased capabilities of IoT devices (weaponization).

• Many more devices and more mobility. Bring your own …

• Better opportunities for attackers (both cyber criminals and nation states).

• Certain sectors obvious goals – but not the only ones…

• Even when the obvious holes are closed, there will be a huge market for

zero-days among both cyber criminals and nation states.

• Legislation and risk assessments will push towards more secure solutions,

but this is going to take time…

Is there anything we can do?

• Risk vs. benefits.

• Security by Design (think about security from the beginning).

• Fail safe.

• Encryption and authentication.

• Users are often the weak link (and their influence should be eliminated).

• Processes for patches and updates.

• No silver bullets – segmentation and high walls.

• Attacks can not always be prevented:• Prevent -> Monitor -> Detect -> Mitigate -> Recover

Thank you for your attention

top related

cio summit - perth, 2018 - idg...inside the mind of hacker...
Documents
september 2019 cyber policy initiative working paper...
Documents
hacker vs. hacker
Internet
cyber crimes the good, the bad, and the ugly … · • the...
Documents
hacker & cracker ma. isabel reyes sánchez. contenido hacker...
Documents
sbmunavid.vums.acpms.sbmu.ac.ir › uploads ›...
Documents
evolving menace iran’s use of cyber-enabled economic...
Documents
computer hacker profiling - hasantha alahakoon · pdf...
Documents
adapt or die - klimafonds · adapt or die = preparing for...
Documents
cyber security wie hacker an vertrauliche … · 2018. 11....
Documents
cyber security awareness raising activities in...
Documents
hacker autogyro „calidus 50e“ - · pdf fileanleitung /...
Documents
cyber security: hacker web and shodan · pdf filecyber...
Documents
lesson 7 attack analysis - hacker...
Documents
marc goodman global hack - bilder.buecher.de · marc...
Documents
methodology of a hacker · methodology of a hacker matthew...
Documents
sarkariresults.org.insarkariresults.org.in/upload/soeng.pdfexperience...
Documents
cyber defense - it-sicherheitstag nrw · 2018. 10. 25. ·...
Documents
cyber threat analysis iran’s hacker hierarchy … ·...
Documents
hacker intelligence summary report – monitoring hacker...
Documents