Content ‹#› What is IoT � 1. 2. Cyber Threats to IoT IoT Security and the Guidelines in Japan 3. IoT Security Guidelines in Japan 4. Conclusion April 11th, 2017 Mr. Takashi Michikata Deputy Director, ICT Security Office Ministry of Internal Affairs and Communications, JAPAN What is IoT � Content ‹#› 3 ‹#› IoT stands for “Internet of Things” What is IoT � 1. 2. Cyber Threats to IoT 3. IoT Security Guidelines in Japan ITU-T Recommendation (Y.2060) defines IoT as 4. Conclusion � “A global infrastructure for the information society, enabling advanced services by interconnecting (physical and virtual) things based on existing and evolving interoperable information and communication technologies.”
Content ‹#› Is IoT a Buzz Word? ‹#› 4 Is the concept of IoT old? What is IoT � 1. British entrepreneur Kevin Ashton in MIT coined the term in 1999. 2. Cyber Threats to IoT - Wikipedia (Photo by Larry D. Moore CC BY-SA 3. IoT Security Guidelines in Japan Is IoT available everywhere? 4.0) � The total number of IoT devices in the world will ➢ 4. Conclusion grow from 15.8 billion in 2013 to about 53 billion in 2020. - IHS Technology Has the technology development finally caught up the concept? New Types of Cyber Threats to IoT ‹#› Number of IoT Devices and Areas of the Use ‹#› 5 More than HALF of IoT Security Protections on IoT are necessary as IoT devices such as [million automobiles and cameras are starting to be connected to the Internet Devices will be used in units] through WiFi or cellular phone networks. Consumer Applications Hacking an automobile by remote control Footage captured by CCTV are published on the Internet Automotive Hacking from a remote location through a cellular phone Some users do not even notice that their cameras are network. connected to the Internet. Consumer Taking over the entire control of an Applications automobile including a steering Attacker and braking control Attacker Generic through a car navigation system. Business Vertical Business [year] (Source) WIRED It was proved that accidents affecting human lives could A large number of footage captured by CCTVs located occur, and a car company recalled about 1.4 million in Japan are disclosed overseas through the Internet vehicles. because of the insufficient security protection. Source: Gartner, “Forecast Analysis: Internet of Things, Endpoints and Associated Services, Worldwide, 2014 Update”, December, 2014 5
packet’s src and dst from time the IP addresses in real- geographical positions of a ・NICTER shows DDoS Cyber Attack Case by IoT ‹#› Network Incident analysis Center for Tactical Emergency Response (NICTER) ➢ Dyn’s managed DNS infrastructure were under two large DDoS attacks in October, 2016 and ■ � National Institute of Information and Communication Technology (NICT) has Network Incident the major customers including Amazon and Twitter were affected. analysis Center for Tactical Emergency Response (NICTER) that monitors malicious incoming cyber ➢ The attacks were caused by Mirai IoT botnet. Similar cases were reported in UK and traffic to a dark net (a chunk of about 300,000 unused IP addresses.) Germany. • About 100,000 IoT devices created massive traffic to the Dyn’s system • The total traffic volume reached 1.2 Tbps # of packets observed by NICTER [Billion] source: http://dyn.com/blog/dyn-analysis-summary-of-friday-october-21-attack/ 128 Many scan packets generated in IoT devices worldwide had been observed by NICTER 55 ■ TCP SYN since the beginning of September ■ TCP SYN/ACK ■ TCP ACK ■ TCP FIN ■ 2323/TCP ■ TCP RESET 26 ■ TCP PUSH # of 13 ■ TCP Other ■ UDP observed ■ ICMP packets ■ 2323/TCP # of hosts Examples of Infected IoT Devices ‹#› 9 What is the percentage of observed cyber attacks to IoT? Cyber Attacks observed by NICTER in 2016 2 of observed 3 cyber attacks to IoT 1 in 4 2015 Source: Yoshioka’s Research Laboratory, Yokohama National University, Japan
Case on Hacked IoT Device (3) ‹#› 14 Case on Hacked IoT Device (1) ‹#› 12 Then, a solar power controller was found Malicious Email Header sent from a certain IP address Exactly same time Case on Hacked IoT Device (4) ‹#› 15 Case on Hacked IoT Device (2) ‹#› 13 ● The Email contains a brief message saying “Wait for your response.” The device with the IP address seem to locate nowhere in the woods. But why? ● It has a zipped attached file which wraps an executable file(.jpeg.exe.).
‹#› 18 Why is IoT vulnerable to Cyber Attacks? ‹#› CSA’s “Security Guidance for Early Adopters of the Internet of Things” Hard to manage the devices ➢ Cloud Security Alliance, USA, published “Security Guidance for Early Adopters of the Internet of Things” and it recommends security protection strategies on each one of IoT service layers as edge devices, gateways/applications, and enterprise computing/cloud storage/data analytics. Always online Long product lifecycle Almost no protections available such as anti-virus software Source: Cloud Security Alliance , “Security Guidance for Early Adopters of the Internet of Things (IoT)”, April 2015 18 Content ‹#› 19 ‹#› FBI’s “Internet of Things Poses Opportunities for Cyber Crime” ➢ The FBI is warning companies and the general public to be aware of IoT vulnerabilities cybercriminals could exploit, and offers some tips on mitigating those cyber threats. What is IoT � ➢ The recommendations covers Q&As such as “What are some IoT devices?”, “What are 1. the IoT Risks?”, and “What an IoT Risk Might Look Like to You?” ■ Consumer Protection and Defense Recommendations 2. Cyber Threats to IoT • Isolate IoT devices on their own protected networks; • Disable UPnP on routers; • Consider whether IoT devices are ideal for their intended purpose; 3. IoT Security Guidelines in Japan • Purchase IoT devices from manufacturers with a track record of providing secure devices; • When available, update IoT devices with security patches; • Consumers should be aware of the capabilities of the devices and appliances installed in their homes 4. Conclusion and businesses.; • Use current best practices when connecting IoT devices to wireless networks, and when connecting remotely to an IoT device; • Ensure all default passwords are changed to strong passwords. Do not use the default password determined by the device manufacturer. etc.” Source: FBI, “Internet of Things Poses Opportunities for Cyber Crime” 19
Recommend
More recommend