IOT SECURITY – ONGOING CHALLENGES Selvana Naiken Gopalla Information Security Consultant CERT-MU | National Computer Board
OUTLINE The Internet of Insecure Things New Devices, New Security Challenges IOT Specific Security Issues Preventing Future Attacks
NEW DEVICES, NEW SECURITY CHALLENGES
NUMBER OF CONNECTED DEVICES
By 2020, more than 25% of identified enterprise attacks will involve IoT, though IoT will account for only 10% of IT security budgets. Gartner, 2016
Security is a battle of inches, and even the one-inch square device on your wrist may be the attack surface for the bad guys. The Connected Car and Smart Watch Problem
LINUX/MOOSE – THE IOT BOTNET WITH AN APPETITE FOR SOCIAL NETWORKS YouTube, Periscope, Kiwi and Instagram 86% Instagram 86% Periscope, YouTube, Flipagram 3% Kiwi and Flipagram 3% 1,700 fake accounts 1,700 fake accounts 72% suspended 72% suspended Twitter 8% Twitter 8% Gmail and Yahoo email account creation requests
LINUX/MOOSE BEHAVIOUR Kill Replicate processes Service Eavesdrop listening Proxying Tunnel
SPOTTING FAKE ACCOUNTS CREATED BY LINUX/MOOSE
SPOTTING FAKE ACCOUNTS CREATED BY LINUX/MOOSE
SPOTTING FAKE ACCOUNTS CREATED BY LINUX/MOOSE
LINUX/MOOSE HABITAT – TARGETED DEVICES Vendors Confirmed as Being Affected: Hik Actiontec Netgear Synology Vision TP-Link ZyXEL Zhone Source: ESET, Canada
CLEANING LINUX/MOOSE Factory Update Change Reset firmware Password
LINUX/MOOSE PREVENTION Change Install latest default firmware passwords Deny access Disable on ports 22, Telnet login 23, 80, 443
October 21, 2016 164 countries affected Reddit Vietnam 12.8% Brazil 11.8% United States at 10.9% Twitter 49,657 unique IPs hosting China 8.8% Mexico 8.4% Mirai-infected devices Spotify Source: SecurityWeek, 2016 Also in Top 10: South Korea, Taiwan, Russia, Romania GitHub and Colombia Montenegro, Tajikistan and Somalia PayPal Amazon Source: SecurityWeek , 2016 Netflix
MIRAI MITIGATION IN 3 STEPS Change Disconnect Reboot password
MIRAI PREVENTION Password Change Port Monitoring Device Update Disable Device Universal Plug Capabilities and Play (UPnP) Reputable Vendors
INFORMATION SECURITY VS. IOT SECURITY Information Security IoT Security A C I Infosec C I A
SECURITY & PRIVACY ARE NOT THE ONLY ISSUES Inter-operability standard Legal Regulatory and Rights Emerging Economy and development
HOW AND WHEN WILL WE GET A SECURE INTERNET OF THINGS? Emphasise Lifecycle, Access control security from future-proofing, and device day one updates authentication Prepare for Know your security enemy breaches
INITIATIVES TO DETECT AND ERADICATE BOTNETS IN MAURITIUS In line with the Government’s vision to make Mauritius secure and resilient, CERT-MU is in the process of setting up an infrastructure to proactively detect and take appropriate measures against botnets Implementation of this system will provide safe and secure environment for businesses The solution can be extended to IOT devices
INCIDENT STATISTICS REPORTED TO CERT-MU- YEAR 2015
INCIDENT STATISTICS REPORTED TO CERT-MU - OCTOBER 2016
INITIATIVES TO DETECT AND ERADICATE BOTNETS IN MAURITIUS In line with the Government’s vision to make Benefits: Mauritius secure and resilient, CERT-MU is in the process of setting up an infrastructure to proactively detect and take appropriate Mitigation of existing measures against botnets botnets Prevention of new Implementation of this system will provide safe infections and secure environment for businesses Minimizing profitability of botnets Visualize threat landscape The solution can be extended to IOT devices of the Mauritian cyberspace
THANK YOU!
Recommend
More recommend
