SlideShare a Scribd company logo

Internet of Things (IoT) Security

S
shiriskumar

The precondition to freedom is Security.

Education
1 of 13
Internet of Things Security THE PRECONDITION TO FREEDOM IS SECURITY
About Me • Shiris Kumar • IT Security Auditor at AUDITime Information Systems (I) Ltd • Certifications: • CiscoCertified Network Associate • EC-CouncilCertified Security Analyst • EC-CouncilCertified Ethical Hacker • Microsoft Certified Professional • Microsoft Certified Solutions Developer • Microsoft CertifiedTechnology Specialist
Agenda • Brief Description of IoT • CyberThreats • RecentVulnerabilities & Compromise • Securing IoT
Brief Description of IoT • The Internet of things (IoT) is the inter-networking of physical devices, vehicles (also referred to as "connected devices" and "smart devices"), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity which enable these objects to collect and exchange data.
Brief Description of IoT • Applications:
Brief Description of IoT • 8.4 Billion Connected "Things" Will Be in Use in 2017, Up 31 Percent From 2016 • IoT Units Installed Base by Category (Millions of Units) (Source: Gartner) Category 2016 2017 2018 2020 Consumer 3,963.0 5,244.3 7,036.3 12,863.0 Business:Cross-Industry 1,102.1 1,501.0 2,132.6 4,381.4 Business:Vertical-Specific 1,316.6 1,635.4 2,027.7 3,171.0 GrandTotal 6,381.8 8,380.6 11,196.6 20,415.4
• Cyber Criminals / Hacker / Nubs • Government Agencies Cyber Threats: Agents
• DDoS Attacks • Botnets & Malware based Attacks • Weak Perimeters Cyber Threats: Vectors
Recent Vulnerabilities & Compromise • Oct 21, 2016 a widespread IoT DDoS Attack was targeted on US DNS Servers interrupted services of major websites likeTwitter, Pinterest, Reddit, GitHub, Etsy,Tumblr, Spotify, PayPal,Verizon etc. by infamous Mirai Malware. • Security researcher Lucas Lundgren via an Internet scan last year found around 65,000 IoT servers using the Message Queuing TelemetryTransport (MQTT) worldwide on the public Internet wide open to attack with no authentication nor encrypted communication, findings he revealed last August at DEFCON
Recent Vulnerabilities & Compromise • BrickerBot works in similar fashion to Mirai, simply kills any vulnerable IoT devices. • Charlie Miller, a security researcher atTwitter, and ChrisValase, director ofVehicle Security Research at IOActive showcased how a zero-day exploit in the car’s entertainment systems gave full access of car to researchers over Internet. (Source: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway)
Securing IoT
Securing IoT • IoT SecurityTop 10 (OWASP 2014) 1. I1 InsecureWeb Interface 2. I2 Insufficient Authentication/Authorization 3. I3 Insecure Network Services 4. I4 Lack ofTransport Encryption 5. I5 Privacy Concerns 6. I6 Insecure Cloud Interface 7. I7 Insecure Mobile Interface 8. I8 Insufficient Security Configuration 9. I9 Insecure Software/Firmware 10. I10 Poor Physical Security
Thank you!

Recommended

IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them
Nick Allott
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of Things
ForgeRock
 
Privacy and Security in the Internet of Things
Privacy and Security in the Internet of ThingsPrivacy and Security in the Internet of Things
Privacy and Security in the Internet of Things
Jeff Katz
 
ON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURES
ON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURESON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURES
ON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURES
Manisha Luthra
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things Security
Tutun Juhana
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoT
automatskicorporation
 
IoT Security – Executing an Effective Security Testing Process
IoT Security – Executing an Effective Security Testing Process IoT Security – Executing an Effective Security Testing Process
IoT Security – Executing an Effective Security Testing Process
EC-Council
 

Recommended

IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them IoT Security Middleware: evaluating the threats and protecting against them
IoT Security Middleware: evaluating the threats and protecting against them
Nick Allott
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of Things
ForgeRock
 
Privacy and Security in the Internet of Things
Privacy and Security in the Internet of ThingsPrivacy and Security in the Internet of Things
Privacy and Security in the Internet of Things
Jeff Katz
 
ON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURES
ON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURESON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURES
ON THE SECURITY AND PRIVACY OF INTERNET OF THINGS ARCHITECTURES
Manisha Luthra
 
Internet of Things Security
Internet of Things SecurityInternet of Things Security
Internet of Things Security
Tutun Juhana
 
IoT security (Internet of Things)
IoT security (Internet of Things)IoT security (Internet of Things)
IoT security (Internet of Things)
Sanjay Kumar (Seeking options outside India)
 
Automatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoTAutomatski - The Internet of Things - Security in IoT
Automatski - The Internet of Things - Security in IoT
automatskicorporation
 
IoT Security – Executing an Effective Security Testing Process
IoT Security – Executing an Effective Security Testing Process IoT Security – Executing an Effective Security Testing Process
IoT Security – Executing an Effective Security Testing Process
EC-Council
 
Security in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) EcosystemSecurity in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) Ecosystem
rahulbindra
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Design World
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
OWASP Delhi
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
Christopher Frenz
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
Mayank Pandey
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
IOT Security
IOT SecurityIOT Security
IOT Security
Sylvain Martinez
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
sreelekha appakondappagari
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
Mark Benson
 
Security challenges for IoT
Security challenges for IoTSecurity challenges for IoT
Security challenges for IoT
WSO2
 
IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]
Leonardo De Moura Rocha Lima
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
Ulf Mattsson
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
Vasco Veloso
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
Clare Nelson, CISSP, CIPP-E
 
TOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsTOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of Things
ChromeInfo Technologies
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
University of Ontario Institute of Technology (UOIT)
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
IoT Security
IoT SecurityIoT Security
IoT Security
Peter Waher
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019
John D. Johnson
 
All The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected DevicesAll The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected Devices
John D. Johnson
 

More Related Content

What's hot

Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
ClicTest
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
Bryan Len
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
Mark Benson
 
Security challenges for IoT
Security challenges for IoTSecurity challenges for IoT
Security challenges for IoT
WSO2
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 

What's hot (20)

Security in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) EcosystemSecurity in Internet of Things(IoT) Ecosystem
Security in Internet of Things(IoT) Ecosystem
 
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure ThingsSecurity Fundamental for IoT Devices; Creating the Internet of Secure Things
Security Fundamental for IoT Devices; Creating the Internet of Secure Things
 
IoT Security by Sanjay Kumar
IoT Security by Sanjay KumarIoT Security by Sanjay Kumar
IoT Security by Sanjay Kumar
 
Securing the Internet of Things
Securing the Internet of ThingsSecuring the Internet of Things
Securing the Internet of Things
 
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Securit...
 
Security of iot device
Security of iot deviceSecurity of iot device
Security of iot device
 
Iot Security, Internet of Things
Iot Security, Internet of ThingsIot Security, Internet of Things
Iot Security, Internet of Things
 
IOT Security
IOT SecurityIOT Security
IOT Security
 
security and privacy-Internet of things
security and privacy-Internet of thingssecurity and privacy-Internet of things
security and privacy-Internet of things
 
Internet of Things Security Patterns
Internet of Things Security PatternsInternet of Things Security Patterns
Internet of Things Security Patterns
 
Security challenges for IoT
Security challenges for IoTSecurity challenges for IoT
Security challenges for IoT
 
IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]IoT Security: Cases and Methods [CON5446]
IoT Security: Cases and Methods [CON5446]
 
Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017Security for iot and cloud aug 25b 2017
Security for iot and cloud aug 25b 2017
 
Privacy and security in IoT
Privacy and security in IoTPrivacy and security in IoT
Privacy and security in IoT
 
IoT Security, Mirai Revisited
IoT Security, Mirai RevisitedIoT Security, Mirai Revisited
IoT Security, Mirai Revisited
 
TOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of ThingsTOP 6 Security Challenges of Internet of Things
TOP 6 Security Challenges of Internet of Things
 
A survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOTA survey in privacy and security in Internet of Things IOT
A survey in privacy and security in Internet of Things IOT
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
 

Similar to Internet of Things (IoT) Security

All The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected DevicesAll The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected Devices
John D. Johnson
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
HITCON GIRLS
 
Io t security_review_blockchain_solutions
Io t security_review_blockchain_solutionsIo t security_review_blockchain_solutions
Io t security_review_blockchain_solutions
Shyam Goyal
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
tjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
lmelaine
 

Similar to Internet of Things (IoT) Security (20)

IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019IoT and the industrial Internet of Things - june 20 2019
IoT and the industrial Internet of Things - june 20 2019
 
All The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected DevicesAll The Things: Security, Privacy & Safety in a World of Connected Devices
All The Things: Security, Privacy & Safety in a World of Connected Devices
 
IoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and securityIoT and the implications on business IT architecture and security
IoT and the implications on business IT architecture and security
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
 
Chariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_InfosecgirlsChariot generic presentation owaspwia_Infosecgirls
Chariot generic presentation owaspwia_Infosecgirls
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
 
The internet of things(IoT)
The internet of things(IoT)The internet of things(IoT)
The internet of things(IoT)
 
Io t security_review_blockchain_solutions
Io t security_review_blockchain_solutionsIo t security_review_blockchain_solutions
Io t security_review_blockchain_solutions
 
Internet of Things Forensics
Internet of Things ForensicsInternet of Things Forensics
Internet of Things Forensics
 
Secure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application SecuritySecure your Future with IoT Security Testing | Application Security
Secure your Future with IoT Security Testing | Application Security
 
IOT and Security.pptx
IOT and Security.pptxIOT and Security.pptx
IOT and Security.pptx
 
IOT and Security.pptx
IOT and Security.pptxIOT and Security.pptx
IOT and Security.pptx
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 
Internet of Things (IoT)
Internet of Things (IoT)Internet of Things (IoT)
Internet of Things (IoT)
 
Lecture1_Introduction.pptx
Lecture1_Introduction.pptxLecture1_Introduction.pptx
Lecture1_Introduction.pptx
 
Internet & iot security
Internet & iot securityInternet & iot security
Internet & iot security
 
Security and Privacy in IoT and Cyber-physical Systems
Security and Privacy in IoT and Cyber-physical SystemsSecurity and Privacy in IoT and Cyber-physical Systems
Security and Privacy in IoT and Cyber-physical Systems
 
Network Security in the Age of the Third Platform
Network Security in the Age of the Third PlatformNetwork Security in the Age of the Third Platform
Network Security in the Age of the Third Platform
 
Drobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applicationsDrobics trustworthy io-t-for-industrial-applications
Drobics trustworthy io-t-for-industrial-applications
 

Recently uploaded

Recently uploaded (20)

Philosophy of china and it's charactistics
Philosophy of china and it's charactisticsPhilosophy of china and it's charactistics
Philosophy of china and it's charactistics
 
Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
NO1 Top Black Magic Specialist In Lahore Black magic In Pakistan Kala Ilam Ex...
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Single or Multiple melodic lines structure
Single or Multiple melodic lines structureSingle or Multiple melodic lines structure
Single or Multiple melodic lines structure
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learning
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health Education
 
latest AZ-104 Exam Questions and Answers
latest AZ-104 Exam Questions and Answerslatest AZ-104 Exam Questions and Answers
latest AZ-104 Exam Questions and Answers
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptxCOMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
COMMUNICATING NEGATIVE NEWS - APPROACHES .pptx
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 

Internet of Things (IoT) Security

  • 1. Internet of Things Security THE PRECONDITION TO FREEDOM IS SECURITY
  • 2. About Me • Shiris Kumar • IT Security Auditor at AUDITime Information Systems (I) Ltd • Certifications: • CiscoCertified Network Associate • EC-CouncilCertified Security Analyst • EC-CouncilCertified Ethical Hacker • Microsoft Certified Professional • Microsoft Certified Solutions Developer • Microsoft CertifiedTechnology Specialist
  • 3. Agenda • Brief Description of IoT • CyberThreats • RecentVulnerabilities & Compromise • Securing IoT
  • 4. Brief Description of IoT • The Internet of things (IoT) is the inter-networking of physical devices, vehicles (also referred to as "connected devices" and "smart devices"), buildings, and other items embedded with electronics, software, sensors, actuators, and network connectivity which enable these objects to collect and exchange data.
  • 5. Brief Description of IoT • Applications:
  • 6. Brief Description of IoT • 8.4 Billion Connected "Things" Will Be in Use in 2017, Up 31 Percent From 2016 • IoT Units Installed Base by Category (Millions of Units) (Source: Gartner) Category 2016 2017 2018 2020 Consumer 3,963.0 5,244.3 7,036.3 12,863.0 Business:Cross-Industry 1,102.1 1,501.0 2,132.6 4,381.4 Business:Vertical-Specific 1,316.6 1,635.4 2,027.7 3,171.0 GrandTotal 6,381.8 8,380.6 11,196.6 20,415.4
  • 7. • Cyber Criminals / Hacker / Nubs • Government Agencies Cyber Threats: Agents
  • 8. • DDoS Attacks • Botnets & Malware based Attacks • Weak Perimeters Cyber Threats: Vectors
  • 9. Recent Vulnerabilities & Compromise • Oct 21, 2016 a widespread IoT DDoS Attack was targeted on US DNS Servers interrupted services of major websites likeTwitter, Pinterest, Reddit, GitHub, Etsy,Tumblr, Spotify, PayPal,Verizon etc. by infamous Mirai Malware. • Security researcher Lucas Lundgren via an Internet scan last year found around 65,000 IoT servers using the Message Queuing TelemetryTransport (MQTT) worldwide on the public Internet wide open to attack with no authentication nor encrypted communication, findings he revealed last August at DEFCON
  • 10. Recent Vulnerabilities & Compromise • BrickerBot works in similar fashion to Mirai, simply kills any vulnerable IoT devices. • Charlie Miller, a security researcher atTwitter, and ChrisValase, director ofVehicle Security Research at IOActive showcased how a zero-day exploit in the car’s entertainment systems gave full access of car to researchers over Internet. (Source: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway)
  • 12. Securing IoT • IoT SecurityTop 10 (OWASP 2014) 1. I1 InsecureWeb Interface 2. I2 Insufficient Authentication/Authorization 3. I3 Insecure Network Services 4. I4 Lack ofTransport Encryption 5. I5 Privacy Concerns 6. I6 Insecure Cloud Interface 7. I7 Insecure Mobile Interface 8. I8 Insufficient Security Configuration 9. I9 Insecure Software/Firmware 10. I10 Poor Physical Security