Internet of Things (IoT) & Security

Internet of Things (IoT) & Security. hackstudentlogo-grey.

What is IoT?. Internet of Things. Any device that can send and receive data through the internet. Examples include phones, smart devices (fridge, camera, lights, TV), industrial applications like smart city devices (traffic monitoring)..

Why is IoT Security so Important?. IoT devices are typically not very secure. They use simple default passwords. Infrequent patches - if any. Left on the corporate or home network visible to other devices/servers/computers..

Default Passwords. A lot of devices come preconfigured with simple default username/passwords. It is important to change these default passwords to new secure ones as soon as you get the device..

How Easy is it to Crack Default Passwords?. Search up a device make/model followed by "default password“. http://open-sez.me - This is a website that keeps a database of default credentials for all sorts of vendors – home and enterprise..

Network Segmentation. One of the most important things when it comes to IoT devices is making sure to keep them on a different network from your home or business. Companies that have been breached through IoT devices, often had them attached to their regular network which allowed the attacker access to other areas once they got in through the IoT device..

Real World Examples: Casino Breach. A casino was breached using an internet connected fish tank. The tank was connected to a PC with IoT connected devices like thermometer. The thermometer was the point of entry which then allowed them to scan for vulnerabilities across the network resulting in 10GB of data being stolen..

Real World Examples: Mirai. Botnet was created using IoT devices (Cameras, printers, refrigerators, doorbells, baby monitors, etc.). Hundreds of thousands of devices infected. DDoS against DYN (DNS service provider). DNS translates an IP address to the website name (Netflix, Twitter, AWS, Etsy, Paypal , etc.)..

Real World Examples: Mirai Explained. Found devices by scanning the internet for devices who have telnet port open, it then runs. Ran those devices against password “dictionaries” of commonly used and/or default passwords to gain access. Once elevated permissions were gained on these devices, they were connected to a C2 server..