Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Security Target
Download as PPTX, PDF•7 likes•49,312 views
The document discusses the Internet of Things (IoT) as a significant target for cybersecurity threats, highlighting its evolution, ubiquity of devices, and importance in modern life. It outlines various vulnerabilities in IoT devices and stresses the need for improved security practices, including regular updates, secure communications, and compliance with security standards. Recommendations for safeguarding IoT include ensuring supply chain security and utilizing out-of-band systems to protect against hacking.
Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Security Target
- 1. Internet of Things(IoT):The Next Cyber Security Target Praveen Kumar Gandi Head Information Security Services ClicTest [email protected] By Disclaimer: The images used in this presentation belong to their respective copyright holders and are used for educational purposes only. All other rights are reserved.
- 2. Pre- Internet Internet of CONTENT Internet of SERVICES Internet of PEOPLE Internet of THINGS “HUMAN TO HUMAN” “WWW” “WEB 2.0” “SOCIAL MEDIA” “MACHINE TO MACHINE” • Fixed & mobile telephony • SMS • E-mail • Information • Entertainment • E-productivity • E-commerce • … • Skype • Facebook • YouTube • Twitter • …. • Identification, tracking, monitoring, metering …. • Semantically structured and shared data … + Smart networks + Smart IT platforms & services + Smart Phones & applications + Smart Devices, objects & tags + Smart Data & ambient context Evolution of Internet of Things
- 3. • According to Gartner's analysis, there will be nearly 26 billion devices on the Internet of Things by 2020. • As per ABI Research, an estimation of more than 30 billion devices will be wirelessly connected to Internet of Things. • And as per the MarketsandMarkets Analysis, the estimated revenue generated on these smart product sales by 2016 will be $1 Trillion. Importance of Internet of Things Source: Cisco
- 4. Internet of Things(IoT) • Originally, The Internet of Things (IoT) refers to “the interconnection of uniquely identifiable embedded computing devices within the existing Internet infrastructure”. • As the technology advances, the term Internet of Things(IoT) denotes to “Advanced connectivity of devices, systems, and services that goes beyond machine-to- machine communications (M2M) and covers a variety of protocols, domains, and applications”. Source: http://en.wikipedia.org/wiki/Internet_of_Things
- 5. Internet of Things(IoT) • The IoT represents an evolution of future as many physical devices communicate with each other everyday through internet and identify themselves with other devices. • The other technologies like RFID, Sensor technologies, Wireless technologies, etc. will also be used as method of communication.
- 6. IPV6 Inexpensive and High Speed Connection Big Data and Cloud Inexpensive and Powerful Hardware Internet Evolution
- 7. Source:Cisco
- 8. Types of Internet of Things Information Technology • PCs • Servers • Virtualization • Routers • Switches Personal Technology • Tablets • Smart phones • Smart watches • Home energy • Home entertainment • Home control • Medical implants • Medical wearables Operational Technology • Industrial Control Systems(ICS) • Supervisory control and data acquisition • Medical machines • Kiosks • Manufacturing • Cloud service infrastructure • Environmental Monitoring
- 9. Do you know? • The First IOT device is Internet Coke Machine at Carnegie Mellon University introduced in the year 1982”.
- 10. Internet of Things In Everyday Life
- 11. Internet of Things in Homes(Smart Homes)
- 12. How IoT works? Source: Securing the IoT World by Aaron Guzman
- 13. Are Internet of Things Secure?
- 14. Smart Cars got pwned!!
- 15. Smart Lights can be Hacked • Unsecure communication between bridge and application •Vulnerability in smart bulb makes home black out by security researcher •Fixed in Latest Version
- 16. Vulnerabilities in IoT Devices • Due to improper security model implementation and unsecure communication between the device and application. • Any device on the same Wi-Fi network can command or control these devices.
- 17. How far IoT can be hacked? Remember “Fire Sale” in Die Hard 4.0
- 18. Hurdles Securing the IoT • There is no consistent or official software update process or mechanism • There is little or no understanding of the cyber threats embedded in their systems • There is lack of accountability for device security • Improper configuration or purpose-built features that equate to security flaws • Data privacy
- 19. Securing the IoT • Keep your Software/firmware Updated • Ensure that connectivity is Secure. eg: Two Factor Authentication
- 20. • Secure the location of the data being reported by IoT-linked devices. • Encrypt the System. eg: Two-Person Controls Securing the IoT
- 21. • Ensure Supply Chain Security. Prevention of counterfeit hardware by procedures to certify manufacturers’ supply chain processes to prevent the introduction of malicious code. • Support IoT security. We must support regulation that requires that IoT devices meet security standards, just as we require standards for our electrical devices with UL approval requirements. Securing the IoT
- 22. • Use out of band (OOB) systems – closed systems (intranets) that are not open to the public. The Defence Department uses IoT linked devices, but they are mainly out of reach from hackers because they are OOB. Defence weapons systems and even sensor- wearing soldiers report critical status information to centralized control centres that feed decision makers. While less vulnerable to being hacked, these OOB systems are subject to insider attacks. Securing the IoT
- 23. • Support Standardization. Eg: OWASP Securing the IoT Source: IoT-Attack-Surfaces-Defcon-2015
- 24. Securing the IoT • Stay informed. National Institute of Standards and Technology and Federal Guidance such as Federal Information Processing Standards (FIPS) address critical steps that are needed to secure and protect information and critical systems.
- 25. Thank You ! Praveen Kumar G Head Information Security Services |ClicTest E-mail: [email protected]
Editor's Notes
- #2: Hello Everyone, My Name is Praveen Kumar G. I am currently working as a Head Information Security Services for ClicTest. Today, I am going to speak about “Internet of Things(IoT): The Next Cyber Security Target”.
- #5: In simple, we can say that the network of these interconnected physical objects or things embedded with electronics, software, sensors and connectivity.
- #7: With the invention of these powerful and inexpensive hardware's, high speed internet connections, IPv6 and Big Data & Cloud technologies contributes towards the evolution of Internet which can support the IoT.
- #8: Especially, with the help of IPv6. we can have almost unlimited number of IP addresses i.e. around 100 IP addresses for every atom on the face of the earth.
- #11: Health Care: Patient care, elderly monitoring, remote diagnostics, equip monitoring, hospital hygiene, bio wearables, food sensors. Buildings: HVAC, security, lighting, electrical, transit, emergency alerts, occupancy and energy credits. Transport: Traffic routing, Telematics, Package monitoring, Smart Parking, Supply Chain, Shipping, public transport, Trains, Airlines. Home: Light bulbs, Security, pet feeding, smoke alarm, irrigation controller, refrigerator, washer/dryer, stove, energy monitoring.