Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
IoT Security and Privacy – Sleep-Walking
into a Living Nightmare?
David Rogers, Copper Horse
@drogersuk
IoTEdinburgh
24th ...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Who is Connected to the Future Internet?
2
Source:
http:...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Who is Connected to the Future Internet? (2)
3
Source:
h...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
What is Home Security?
4
Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 5
Opening up Access to Who?
From: http://www.independent.co.uk/news/world/americas/hacker-takes-control-of-ohio-couples-baby...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Connected Lightbulbs
7
 WiFi password can be extracted ...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Connected Doorbell
8
 WiFi password can be extracted – ...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Wireless Burglar Alarm
9
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Wireless Burglar Alarm Attack
10
 Easily subverted by j...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Samsung SmartThings Vulnerabilities
11
 February 2016 –...
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Smart TV Vulnerabilities
12
 Privacy – voice control
 ...
Connected Pets
 War Kitteh
 Denial of Service Dog
Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 13
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Smart Meters
14
 ZigBee, GSM – meter reading
 Profiling
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Other Devices
15
 Radiator and home thermostats
 Kettl...
Counterfeit / Substandard Devices
Copyright © 2013 Copper Horse Solutions Ltd. All rights reserved. 16
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
Near Future Devices
17
 Amazon Echo - Alexa
Connected Home Updates?
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. 18
Samsung Smart TV Privacy Policy
Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.
 221 pages!
 Plus othe...
Plant / Critical Infrastructure
Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 20
Automotive (not just cars!)
Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 21
Make it Safe to Connect
https://iotsecurityfoundation.org/
Copyright © 2013 Copper Horse Solutions Ltd. All rights reserve...
Thanks!
david.rogers [@] copperhorse.co.uk
@drogersuk
@copperhorseuk
Copyright © 2016 Copper Horse Solutions Ltd. All righ...
Upcoming SlideShare
Loading in …5
×

of

IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 1 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 2 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 3 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 4 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 5 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 6 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 7 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 8 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 9 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 10 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 11 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 12 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 13 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 14 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 15 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 16 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 17 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 18 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 19 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 20 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 21 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 22 IoT Security and Privacy – Sleep-Walking into a Living Nightmare? Slide 23
Upcoming SlideShare
IoT Security and Privacy Considerations
Next
Download to read offline and view in fullscreen.

1 Like

Share

Download to read offline

IoT Security and Privacy – Sleep-Walking into a Living Nightmare?

Download to read offline

These slides are from the remote presentation I gave to IoT Edinburgh on the 24th of March 2016: http://www.meetup.com/iotEdinburgh/events/228581984/

They cover part of the story around IoT security issues, particularly in the connected home. This doesn't really go into technical detail, there is a much longer version that explains some of the technical issues and solutions which I hope to upload at some point.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

IoT Security and Privacy – Sleep-Walking into a Living Nightmare?

  1. 1. IoT Security and Privacy – Sleep-Walking into a Living Nightmare? David Rogers, Copper Horse @drogersuk IoTEdinburgh 24th March 2016 Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. 1 http://www.mobilephonesecurity.org
  2. 2. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Who is Connected to the Future Internet? 2 Source: http://cheezburger.com/8068370944
  3. 3. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Who is Connected to the Future Internet? (2) 3 Source: http://spectrum.ieee.org/computing/em bedded-systems/on-the-internet-of- things-nobody-knows-youre-a-dog
  4. 4. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. What is Home Security? 4
  5. 5. Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 5
  6. 6. Opening up Access to Who? From: http://www.independent.co.uk/news/world/americas/hacker-takes-control-of-ohio-couples-baby-monitor-and-screams-bad-things-9296986.html Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. 6
  7. 7. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Connected Lightbulbs 7  WiFi password can be extracted – pivot attack
  8. 8. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Connected Doorbell 8  WiFi password can be extracted – pivot attack / physical access
  9. 9. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Wireless Burglar Alarm 9
  10. 10. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Wireless Burglar Alarm Attack 10  Easily subverted by just removing batteries  Solution was to reduce alarm alert time to 0 seconds! – Home owner forced to use key-fob. https://www.youtube.com/watch?v=Wf SDUOBYUFE
  11. 11. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Samsung SmartThings Vulnerabilities 11  February 2016 – ZigBee flaws highlighted – Open locks by decrypting signals – Jamming – “Insecure rejoin”  There are other issues! http://www.forbes.com/sites/thomasbrewster/2016/02/17/samsung- smartthings-vulnerabilities/#ed6d54a4e59d
  12. 12. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Smart TV Vulnerabilities 12  Privacy – voice control  Webcams  Software update issued
  13. 13. Connected Pets  War Kitteh  Denial of Service Dog Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 13
  14. 14. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Smart Meters 14  ZigBee, GSM – meter reading  Profiling
  15. 15. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Other Devices 15  Radiator and home thermostats  Kettles and kitchen appliances  Garage door openers / detectors  Garden, plant sensors and food dispensers  White goods (e.g. washing machines)  Etc!
  16. 16. Counterfeit / Substandard Devices Copyright © 2013 Copper Horse Solutions Ltd. All rights reserved. 16
  17. 17. Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. Near Future Devices 17  Amazon Echo - Alexa
  18. 18. Connected Home Updates? Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. 18
  19. 19. Samsung Smart TV Privacy Policy Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved.  221 pages!  Plus other Terms, Nuance privacy policy etc.
  20. 20. Plant / Critical Infrastructure Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 20
  21. 21. Automotive (not just cars!) Copyright © 2015 Copper Horse Solutions Ltd. All rights reserved. 21
  22. 22. Make it Safe to Connect https://iotsecurityfoundation.org/ Copyright © 2013 Copper Horse Solutions Ltd. All rights reserved. 22
  23. 23. Thanks! david.rogers [@] copperhorse.co.uk @drogersuk @copperhorseuk Copyright © 2016 Copper Horse Solutions Ltd. All rights reserved. 23
  • robinsmith64

    Jul. 22, 2017

These slides are from the remote presentation I gave to IoT Edinburgh on the 24th of March 2016: http://www.meetup.com/iotEdinburgh/events/228581984/ They cover part of the story around IoT security issues, particularly in the connected home. This doesn't really go into technical detail, there is a much longer version that explains some of the technical issues and solutions which I hope to upload at some point.

Views

Total views

5,012

On Slideshare

0

From embeds

0

Number of embeds

3,592

Actions

Downloads

23

Shares

0

Comments

0

Likes

1

×