2. About Me
• Shiris Kumar
• IT Security Auditor at AUDITime Information Systems (I) Ltd
• Certifications:
• CiscoCertified Network Associate
• EC-CouncilCertified Security Analyst
• EC-CouncilCertified Ethical Hacker
• Microsoft Certified Professional
• Microsoft Certified Solutions Developer
• Microsoft CertifiedTechnology Specialist
4. Brief Description of IoT
• The Internet of things (IoT) is
the inter-networking of
physical devices, vehicles (also
referred to as "connected
devices" and "smart devices"),
buildings, and other items
embedded with electronics,
software, sensors, actuators,
and network connectivity which
enable these objects to collect
and exchange data.
6. Brief Description of IoT
• 8.4 Billion Connected "Things" Will Be in Use in 2017, Up 31 Percent
From 2016
• IoT Units Installed Base by Category (Millions of Units)
(Source: Gartner)
Category 2016 2017 2018 2020
Consumer 3,963.0 5,244.3 7,036.3 12,863.0
Business:Cross-Industry 1,102.1 1,501.0 2,132.6 4,381.4
Business:Vertical-Specific 1,316.6 1,635.4 2,027.7 3,171.0
GrandTotal 6,381.8 8,380.6 11,196.6 20,415.4
9. Recent Vulnerabilities & Compromise
• Oct 21, 2016 a widespread IoT DDoS Attack was targeted on US DNS
Servers interrupted services of major websites likeTwitter, Pinterest,
Reddit, GitHub, Etsy,Tumblr, Spotify, PayPal,Verizon etc. by
infamous Mirai Malware.
• Security researcher Lucas Lundgren via an Internet scan last year
found around 65,000 IoT servers using the Message Queuing
TelemetryTransport (MQTT) worldwide on the public Internet wide
open to attack with no authentication nor encrypted communication,
findings he revealed last August at DEFCON
10. Recent Vulnerabilities & Compromise
• BrickerBot works in similar fashion to Mirai, simply kills any
vulnerable IoT devices.
• Charlie Miller, a security researcher atTwitter, and ChrisValase,
director ofVehicle Security Research at IOActive showcased how a
zero-day exploit in the car’s entertainment systems gave full access
of car to researchers over Internet.
(Source: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway)