SLIDE 1 IOT SECURITY – ONGOING CHALLENGES
Selvana Naiken Gopalla, Information Security Consultant, CERT-MU | National Computer Board
SLIDE 2
OUTLINE
The Internet of Insecure Things
New Devices, New Security Challenges
IOT Specific Security Issues
Preventing Future Attacks
SLIDE 3
SLIDE 4
NEW DEVICES, NEW SECURITY CHALLENGES
SLIDE 5
NUMBER OF CONNECTED DEVICES
SLIDE 6 By 2020, more than 25% of identified enterprise attacks will involve IoT, though IoT will account for only 10% of IT security budgets.
Gartner, 2016
SLIDE 7 The Connected Car and Smart Watch Problem
Security is a battle of inches, and even the one-inch square device on your wrist may be the attack surface for the bad guys.
SLIDE 8 LINUX/MOOSE – THE IOT BOTNET WITH AN APPETITE FOR SOCIAL NETWORKS
Instagram 86%
Twitter 8%
YouTube, Periscope, Kiwi and Flipagram 3%
1,700 fake accounts
72% suspended
Gmail and Yahoo email account creation requests
SLIDE 9
LINUX/MOOSE BEHAVIOUR
Replicate Service listening Proxying Tunnel Eavesdrop Kill processes
SLIDE 10
SPOTTING FAKE ACCOUNTS CREATED BY LINUX/MOOSE
SLIDE 11
SPOTTING FAKE ACCOUNTS CREATED BY LINUX/MOOSE
SLIDE 12
SPOTTING FAKE ACCOUNTS CREATED BY LINUX/MOOSE
SLIDE 13 LINUX/MOOSE HABITAT – TARGETED DEVICES
Vendors Confirmed as Being Affected: Actiontec, Hik Vision, Netgear, Synology, TP-Link, ZyXEL, Zhone
Source: ESET, Canada
SLIDE 14
CLEANING LINUX/MOOSE
Factory Reset
Update firmware
Change Password
SLIDE 15 LINUX/MOOSE PREVENTION
Change default passwords
Disable Telnet login
Deny access 23, 80, 443
Install latest firmware
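Added example (not part of the original slides): a Python check that the "Deny access 23, 80, 443" step has taken effect on a device you administer. The function names are hypothetical, and it assumes the check is run from the network side where access is meant to be denied.

```python
import socket
import sys

# Ports named on the Linux/Moose prevention slide.
MOOSE_PORTS = (23, 80, 443)


def probe(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed', 'filtered' or 'error'."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # handshake completed: the service is reachable
    except ConnectionRefusedError:
        return "closed"        # refused: no listener, or a firewall rejecting
    except socket.timeout:
        return "filtered"      # no answer: dropped by a firewall, or host down
    except OSError:
        return "error"         # e.g. no route or name resolution failure
    finally:
        sock.close()


def audit(host, ports=MOOSE_PORTS, timeout=2.0):
    """Return {port: state} for every port checked on one device."""
    return {port: probe(host, port, timeout) for port in ports}


def violations(result):
    """Ports that still accept connections, so the deny rule is not in effect."""
    return sorted(port for port, state in result.items() if state == "open")


if __name__ == "__main__":
    # 192.0.2.1 is a documentation address used as a placeholder.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.1"
    result = audit(target)
    for port, state in sorted(result.items()):
        print(f"{target}:{port} {state}")
    sys.exit(1 if violations(result) else 0)
```

A non-zero exit status means at least one of the three ports still accepts connections from where the check was run.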
SLIDE 16 October 21, 2016
Twitter, GitHub, PayPal, Amazon, Netflix, Reddit, Spotify
49,657 unique IPs hosting Mirai-infected devices
Source: SecurityWeek, 2016
164 countries affected
Vietnam 12.8%, Brazil 11.8%, United States 10.9%, China 8.8%, Mexico 8.4%
Also in Top 10: South Korea, Taiwan, Russia, Romania and Colombia
Montenegro, Tajikistan and Somalia
Source: SecurityWeek, 2016
SLIDE 17
SLIDE 18
MIRAI MITIGATION IN 3 STEPS
Disconnect
Reboot
Change password
SLIDE 19
MIRAI PREVENTION
Password Change
Device Update
Disable Universal Plug and Play (UPnP)
Reputable Vendors
Device Capabilities
Port Monitoring
SLIDE 20 INFORMATION SECURITY VS. IOT SECURITY
[Figure: two diagrams, "Information Security" and "IoT Security", each labelled with C, I and A]
SLIDE 21 SECURITY & PRIVACY ARE NOT THE ONLY ISSUES
Inter-operability standard
Legal Regulatory and Rights
Emerging Economy and development
SLIDE 22
HOW AND WHEN WILL WE GET A SECURE INTERNET OF THINGS?
Emphasise security from day one
Lifecycle, future-proofing, updates
Access control and device authentication
Know your enemy
Prepare for security breaches
SLIDE 23 INITIATIVES TO DETECT AND ERADICATE BOTNETS IN MAURITIUS
In line with the Government’s vision to make Mauritius secure and resilient, CERT-MU is in the process of setting up an infrastructure to proactively detect and take appropriate measures against botnets.
Implementation of this system will provide a safe and secure environment for businesses.
The solution can be extended to IOT devices.
SLIDE 24
INCIDENT STATISTICS REPORTED TO CERT-MU - YEAR 2015
SLIDE 25
INCIDENT STATISTICS REPORTED TO CERT-MU - OCTOBER 2016
SLIDE 26 INITIATIVES TO DETECT AND ERADICATE BOTNETS IN MAURITIUS
Benefits:
Mitigation of existing botnets
Prevention of new infections
Minimizing profitability of botnets
Visualize threat landscape of the Mauritian cyberspace
SLIDE 27
THANK YOU!