Adli Wahid addresses the current cybersecurity issues seen with the growth of the Internet of Things at the 2015 Asia Pacific Regional Internet Governance Forum (APrIGF) in Macao.
2. Adli Wahid
• Security Specialist at APNIC
• Security Outreach, Digital Forensics & Incident Response
• Board Member of Forum of Incident Response & Security Teams (FIRST)
• Working with Network Operators, CERTs/CSIRTs, LEAs, NGOs
3. Talking Points
Goal:
To highlight some of the security concerns about the IoT
1. Internet of Things or Internet of Anything
2. Security Risks
3. Security Considerations
9. Challenges to Security Responder
Analysis
• Source of Attack
• Modus Operandi
• Command & Control
• Indicators of Compromise
• Number of Bots / Infected Computers
• Numbers of Samples
Fix / Recover
• Patch Vulnerable Systems
• Apply Firewall Rules
• Clean Infected Computers
• Disable Vulnerable Services
• Remove Malicious Page
10. Heartbleed (CVE-2014-0160)
• Critical Vulnerability affecting a very large user base discovered in April 2014
• 600k systems vulnerable
• After 2 months – 300k systems remain unpatched *
• Enterprise vs Home Systems
11. Problems with CPEs
• Customer Premises Equipment
• Commonly ‘not secure’ by default
– Default password
– Default Services Turned-on
• Case in point – Open DNS Resolvers
– Exploited as a platform to launch amplification Distributed Denial of Service attacks
– Made worse by the relative ease of spoofing IP addresses
– (and of getting away easily with launching attacks)