beware of thing bot


Post on 13-Aug-2015






  2. 2. IoT: Internet of Things. The Internet of Things is a new term in the tech industry that refers to a concept where every device in your house gets its own computer chip, software, and connection to the Internet: your fridge, thermostat, smart water meter, door locks, etc. The Internet of Things (IoT) is a vision. It is being built today.
  4. 4. IoT Classes: The day when virtually every electronic device -- from phones and cars to refrigerators and light switches -- will be connected to the Internet is not far away.
  5. 5. Hardware & Protocols. Hardware: Arduino / Onion.io / Raspberry Pi / C.H.I.P. / SAM L21 (ARM processor), which consumes 35 microamps/Hz. SUN/Microsoft/Google. Wireless: XBee / Zigbee (2.4 GHz / 250 kbps / 200 m / 128-bit AES encryption) / Bluetooth 4.0 / NFC. 6LoWPAN (IPv6 over Low power Wireless Personal Area Networks). uIP: an open source TCP/IP stack capable of being used with tiny 8- and 16-bit microcontrollers. MQTT (Message Queuing Telemetry Transport). CoAP (Constrained Application Protocol): "CoAP is an application layer protocol that is intended for use in resource-constrained internet devices, such as WSN nodes. CoAP is designed to easily translate to HTTP for simplified integration with the web." XMPP (Extensible Messaging and Presence Protocol): "An open technology for real-time communication, which powers a wide range of applications including instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content syndication, and generalized routing of XML data." DDS is a powerful device-to-device service that offers high performance data distribution.
  6. 6. C.H.I.P. ($9): C.H.I.P. has built-in WiFi + Bluetooth. Connect to the internet and attach a keyboard and mouse WIRELESSLY!
  7. 7. Connected TVs, wearables, connected cars
  8. 8. Connected does not necessarily mean smart. Smart objects: objects connected to the Net; objects that can sense their users and display smart behaviour.
  9. 9. The number of Internet-connected devices is growing rapidly and is expected to reach 50 billion by 2020 (Cisco report). As the number of Internet-connected devices grows, the potential security challenges of the so-called "Internet of Things," or IoT, can no longer be ignored. The web of interconnected devices promises both enormous benefits to users and serious security threats, due to the sensitive data those devices will share. Future
  10. 10. Uh...
  11. 11. Now the really scary part: Internet-of-Things "devices are typically not protected by the anti-spam and anti-virus infrastructures available to organizations and individual consumers, nor are they routinely monitored by dedicated IT teams or alerting software to receive patches to address new security issues as they arise."
  12. 12. Why threatened? The IoT paradigm is threatened by a multitude of threat actors, from cybercriminals to government entities and even hacktivists. The reason is simple: IoT devices manage a huge quantity of information, they are widely distributed across every industry, and, unfortunately, their current level of security is still low.
  13. 13. IoT THREATS. As explained by experts at Symantec, the principal cyber threats for the Internet of Things are: (1) Denial of service: DDoS attacks could target all the end points of a working scenario, causing a serious problem with the network of smart devices and paralyzing the service it provides. (2) Botnets and malware-based attacks. (3) Data breaches: attackers could spy on the communications between peers in an IoT network and collect information on the services they implement. (4) Weakening perimeters: if an attacker is able to compromise a device, they could gain access to our domestic network, spy on us, or cause physical damage to our domestic environment. The problem is equally serious if we consider the use of IoT devices in any industry.
  14. 14. The OWASP Internet of Things (IoT) Top 10. The Open Web Application Security Project (OWASP) aims to publicize best practices that improve the security of software. It is natural that the project also analyzed the top 10 security issues related to the IoT paradigm: (1) Insecure Web Interface; (2) Insufficient Authentication/Authorization; (3) Insecure Network Services; (4) Lack of Transport Encryption; (5) Privacy Concerns; (6) Insecure Cloud Interface; (7) Insecure Mobile Interface; (8) Insufficient Security Configurability; (9) Insecure Software/Firmware; (10) Poor Physical Security.
  15. 15. Internet of Things devices are generally not designed with security in mind.
  16. 16. Many users may not be aware that they are using vulnerable devices in their homes or offices. Another issue is that even when users notice vulnerable devices, the vendor may have provided no updates for some products because of outdated technology or hardware limitations, such as not having enough memory or a CPU that is too slow to support new versions of the software.
  17. 17. In May 2013, two security experts from Cylance hacked into Google's building management system in Australia, accessing floor plans, piping layouts, alarm systems and equipment schedules. They used the hack to point out serious holes in software developed by Tridium, a Honeywell-owned firm. "If Google can fall victim...anyone can," wrote the hackers.
  19. 19. Botnets & Thingbots
  20. 20. A 'bot' is a type of malware that an attacker can use to control an infected computer or mobile device. A group or network of machines that have been co-opted this way and are under the control of the same attacker is known as a botnet. Your computer could be part of a botnet.
  21. 21. BOT = Robot (zombie); NET = Network
  23. 23. We are looking at a new age of botnets. The first age was servers, PCs, and laptops. The second age was mobile devices such as smartphones, phablets, and tablets. What's the newest wave? Thingbots.
  24. 24. BOTNETS & ThingBots: Malware authors specifically design their code to compromise architectures used by IoT devices. Malicious code could be used to infect computers used to control a network of smart devices or to compromise the software running on them. In this second scenario, the attackers can exploit a flaw in the firmware running on the devices and run arbitrary code, turning IoT components to unplanned use.
  25. 25. BOTNETS & ThingBots: In November 2013, Symantec discovered a new Linux worm, Linux.Darlloz, infecting Intel x86-powered Linux devices. The attackers compromised IoT devices in order to build a botnet (a thingbot).
  26. 26. Botnets are already a major security concern, and the emergence of thingbots may make the situation much worse.
  27. 27. BOTNETS & ThingBots: Meanwhile, the attacks continue. Recently, experts at Akamai's Prolexic Security Engineering & Response Team (PLXsert) spotted a new malware kit named Spike, which is used to run DDoS attacks through desktops and Internet of Things devices. The Spike thingbot was able to run different types of DDoS attacks, including SYN, UDP, Domain Name System query, and GET floods against Linux-based machines, Windows, and ARM-based Linux hosts.
  28. 28. BOTNETS & ThingBots: The thingbot was composed of home routers, smart dryers, smart thermostats and other intelligent devices. Akamai observed that the Spike botnet comprised between 12,000 and 15,000 devices. The researchers highlighted the attackers' ability to customize the malware for the ARM architectures widely adopted by IoT devices.
  29. 29. BOTNETS & ThingBots: Akamai published an interesting report on the Spike botnet that includes details related to DDoS attacks run by the threat actor. The experts observed that one of the attacks clocked 215 gigabits per second (Gbps) and 150 million packets per second (Mpps). The document confirms that, even if the majority of the DDoS attacks launched from low-powered devices could be insignificant, IoT devices can still be a powerful weapon in the hands of attackers.
  30. 30. BOTNETS & ThingBots: In March 2014, researchers at Team Cymru published a detailed report on a large-scale SOHO pharming attack that hit more than 300,000 devices worldwide.
  31. 31. Hackers are Trying to Turn Your Connected Fridge Into a Thingbot
  32. 32. Security researchers at Proofpoint have uncovered the very first wide-scale hack that involved television sets and at least one refrigerator. Yes, a fridge. This is being hailed as the first home appliance "botnet" and the first cyberattack from the Internet of Things.
  33. 33. The hack happened between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting enterprises and individuals worldwide. One-quarter were sent by hacked home appliances. Hackers didn't have to be amazingly smart when breaking into home appliances. Many times they gained access because the home owners didn't set them up correctly, or used the default password that came with the device.
  34. 34. More Than 750,000 Phishing and SPAM Emails Launched From "Thingbots" Including Televisions, Fridge. Think about when we'll have 22 billion -_-
  35. 35. DDoS (Distributed Denial of Service) attacks: DDoS is one of hacktivists' preferred methods of protest. Internal or external DDoS. Cloudflare/Prolexic/.. = cost. Layer 7 DDoS = large number of GET/POP requests or downloads of large files => 3G/4G bandwidth!!
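
An added example, not part of the original slides: one way a home or SOHO gateway could flag the thingbot behaviour described above (appliances sending mail, and SYN, UDP and DNS-query floods). The flow-record format, device classes and per-minute threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed gateway flow records (not real traffic), one per line:
# minute src_ip device_class proto dst_port tcp_flags packets
SAMPLE_FLOWS = """\
12:00 192.168.1.20 fridge tcp 25 SA 40
12:00 192.168.1.21 tv tcp 443 SA 120
12:00 192.168.1.22 thermostat tcp 80 S 9000
12:01 192.168.1.22 thermostat tcp 80 S 8700
12:01 192.168.1.23 router udp 53 - 6000
12:01 192.168.1.24 laptop tcp 25 SA 12
12:02 192.168.1.21 tv udp 123 - 3
"""
APPLIANCES = {"fridge", "tv", "thermostat", "dryer", "router"}  # assumed inventory
PKTS_PER_MIN_LIMIT = 5000  # assumed per-minute packet budget for one appliance

def classify(proto, dport, flags):
    """Map one flow record to a flood type named in the slides, or None."""
    if proto == "tcp" and flags == "S":
        return "syn-flood"  # SYNs with no completed handshake
    if proto == "udp" and dport == 53:
        return "dns-query-flood"
    if proto == "udp":
        return "udp-flood"
    return None

def detect(flow_text):
    """Return sorted (src_ip, finding) pairs for appliance traffic that looks bot-like."""
    volume = defaultdict(int)  # (minute, src, flood type) -> packets
    findings = set()
    for line in flow_text.splitlines():
        minute, src, cls, proto, dport, flags, pkts = line.split()
        if cls not in APPLIANCES:
            continue  # general-purpose hosts are out of scope for this check
        if proto == "tcp" and int(dport) == 25:
            findings.add((src, "smtp-from-appliance"))  # appliances should not send mail
        kind = classify(proto, int(dport), flags)
        if kind:
            volume[(minute, src, kind)] += int(pkts)
    for (minute, src, kind), pkts in volume.items():
        if pkts > PKTS_PER_MIN_LIMIT:
            findings.add((src, kind))
    return sorted(findings)

if __name__ == "__main__":
    for src, finding in detect(SAMPLE_FLOWS):
        print(src, finding)
```

GET floods are not covered here because they need HTTP-layer logs rather than flow records.
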
  36. 36. Performance: Attackers could use thingbots to mine bitcoins!! Malicious attackers can crash your devices, block them from connecting an