bellaj-badr
IoT: Internet of Things
The Internet of Things is a new term in the tech industry that refers to a concept where every device in your house gets its own computer chip, software, and connection to the Internet: your fridge, thermostat, smart water meter, door locks, etc.
The Internet of Things (IoT) is a vision. It is being built today.
IOT Classes
The day when virtually every electronic device -- from phones and cars to refrigerators and light switches -- will be connected to the Internet is not far away.
Hardware & Protocols
Arduino/Onion.io/Raspberry Pi/C.H.I.P./SAM L21 (ARM processor), consumes 35 microamps/Hz
SUN/Microsoft/Google…
Wireless/XBee/Zigbee (2.4 GHz / 250 kbps / 200 m / 128-bit AES encryption)/Bluetooth 4.0/NFC
6LoWPAN (IPv6 over Low power Wireless Personal Area Networks)
uIP : The uIP is an open source TCP/IP stack capable of being used with tiny 8- and 16-bit microcontrollers
MQTT (Message Queuing Telemetry Transport)
CoAP (Constrained Application Protocol): "CoAP is an application layer protocol that is intended for use in resource-constrained internet devices, such as WSN nodes. CoAP is designed to easily translate to HTTP for simplified integration with the web."
XMPP (Extensible Messaging and Presence Protocol): "An open technology for real-time communication, which powers a wide range of applications including instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content syndication, and generalized routing of XML data."
DDS is a powerful device-to-device service that offers high performance data distribution.
C.H.I.P.
$9
C.H.I.P. has built-in WiFi + Bluetooth. Connect to the internet and attach a keyboard and mouse WIRELESSLY!
“Connected” does not necessarily mean “Smart”
Smart object : objects connected to the Net; objects that can sense their users and display smart behaviour
The number of Internet-connected devices is growing rapidly and is expected to reach 50 billion by 2020 (Cisco report).
As the number of Internet-connected devices grows, the potential security challenges of the so-called "Internet of Things," or IoT, can no longer be ignored. The web of interconnected devices promises both enormous benefits to users and serious security threats, due to the sensitive data those devices will share.
Future
Now the really scary part
Internet-of-things "devices are typically not protected by the anti-spam and anti-virus infrastructures available to organizations and individual consumers, nor are they routinely monitored by dedicated IT teams or alerting software to receive patches to address new security issues as they arise."
Why IoT is threatened
The IoT paradigm is threatened by a multitude of threat actors, from cybercriminals to government entities and even hacktivists. The reason is simple: IoT devices manage a huge quantity of information, they are widely distributed across every industry, and, unfortunately, their current level of security is still low.
IOT THREATS
As explained by experts at Symantec, the principal cyber threats for the Internet of Things are:
◦ Denial of service – DDoS attacks could target all the end points of a working scenario, causing a serious problem with the network of smart devices and paralyzing the service it provides.
◦ Botnets and malware based attacks.
◦ Data breaches: Attackers could spy on the communications between peers in an IoT network and collect information on the services they implement.
◦ Weakening perimeters: If the attacker is able to compromise a device, he could have access to our domestic network, spy on us, or cause physical damage to our domestic environment. The problem is equally serious if we consider the use of IoT devices in any industry.
The OWASP Internet of Things (IoT) Top 10
The primary aim of the Open Web Application Security Project (OWASP) is to publicize best practices that improve the security of software. The project has also analyzed the top 10 security issues related to the IoT paradigm:
◦ Insecure Web Interface
◦ Insufficient Authentication/Authorization
◦ Insecure Network Services
◦ Lack of Transport Encryption
◦ Privacy Concerns
◦ Insecure Cloud Interface
◦ Insecure Mobile Interface
◦ Insufficient Security Configurability
◦ Insecure Software/Firmware
◦ Poor Physical Security
“Many users may not be aware that they are using vulnerable devices in their homes or offices,”
“Another issue we could face is that even if users notice vulnerable devices, no updates have been provided to some products by the vendor, because of outdated technology or hardware limitations, such as not having enough memory or a CPU that is too slow to support new versions of the software.”
In May 2013, two security experts from Cylance hacked into Google's building management system in Australia, accessing floor plans, piping layouts, alarm systems and equipment schedules. They used the hack to point out serious holes in software developed by Tridium, a Honeywell-owned firm. http://goo.gl/AAbekx
"If Google can fall victim...anyone can," wrote the hackers.
A ‘bot’ is a type of malware that an attacker can use to control an infected computer or mobile device. A group or network of machines that have been co-opted this way and are under the control of the same attacker is known as a ‘botnet’. Your computer could be a part of a botnet.
We are looking at a new age of botnets. The first age was servers, PCs, and laptops. The second age was mobile devices such as smartphones, phablets, and tablets. What’s the newest wave? … Thingbots.
BOTNETS & ThingBots
Malware authors design their code specifically to compromise the architectures used by IoT devices. Malicious code could be used to infect the computers that control a network of smart devices, or to compromise the software running on the devices themselves. In this second scenario, the attackers can exploit a flaw in the firmware running on the devices to run arbitrary code, turning IoT components to unplanned uses.
In November 2013, Symantec discovered a new Linux worm, Linux.Darlloz, infecting Intel x86-powered Linux devices. The attackers compromised IoT devices in order to build a botnet (a thingbot).
Botnets are already a major security concern, and the emergence of thingbots may make the situation much worse.
Meanwhile, the attacks continue. Recently, experts at Akamai’s Prolexic Security Engineering & Response Team (PLXsert) spotted a new malware kit named Spike, which is used to run DDoS attacks through desktops and Internet of Things devices. The Spike thingbot was able to run different types of DDoS attacks, including SYN, UDP, Domain Name System query, and GET floods against Linux based machines, Windows, and ARM-based Linux hosts.
The thingbot was composed of home routers, smart dryers, smart thermostats and other intelligent devices. Akamai observed between 12,000 and 15,000 devices in the Spike botnet. The researchers highlighted the attackers' ability to customize the malware for the ARM architectures widely adopted by IoT devices.
Akamai published an interesting report on the Spike botnet that includes details of the DDoS attacks run by the threat actor. The experts observed that one of the attacks clocked 215 gigabits per second (Gbps) and 150 million packets per second (Mpps). The document confirms that, even if the majority of the DDoS attacks launched from low-powered devices could be insignificant, IoT devices could still be a powerful weapon in the hands of attackers.
In March 2014, researchers at Team Cymru published a detailed report on a large-scale SOHO pharming attack that hit more than 300,000 devices worldwide.
Security researchers at Proofpoint have uncovered the very first wide-scale hack that involved television sets and at least one refrigerator. Yes, a fridge. This is being hailed as the first home appliance "botnet" and the first cyberattack from the Internet of Things.
The hack happened between December 23, 2013 and January 6, 2014, and featured waves of malicious email, typically sent in bursts of 100,000, three times per day, targeting enterprises and individuals worldwide. One-quarter were sent by hacked home appliances. Hackers didn't have to be amazingly smart when breaking into home appliances. Many times they gained access because the home owners didn't set them up correctly, or used the default password that came with the device.
More Than 750,000 Phishing and SPAM Emails Launched From "Thingbots" Including Televisions, Fridge
Think about when we’ll have 22 Billion -_-
DDoS (Distributed Denial of Service) attacks
DDoS is one of the methods of protest preferred by hacktivists.
Internal or external DDoS
Cloudflare/Prolexic/.. = cost
Layer 7 DDoS = large number of GET/POP requests or downloads of large files => 3G/4G bandwidth!!
Performance
Attackers could use thingbots to mine bitcoins !!
Malicious attackers can crash your devices, block them from connecting and drain their battery.
Attackers could use them as a private proxy to mask their identity.
Decrease in performance
Privacy
Each of these devices has some level of capability to allow hackers to influence and gain knowledge about our lives. Compromised devices can share what our cameras see, change our environmental controls, and affect our very lives by changing settings on our medical devices. Samsung's latest voice-controlled TVs can listen to private conversations.
Our physical security is in danger
Create your thingbot
1. Compile bot’s code for a desired architecture or use a bot builder.
2. Spread it
3. Setup your C&C
Setup a honeypot
Deploying Dionaea on a Raspberry Pi using MHN
https://github.com/threatstream/mhn/wiki/Deploying-Dionaea-on-a-Raspberry-Pi
In computer terminology, a honeypot is a trap set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems.
A honeypot is a trap
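
To make the "trap" concrete, here is a minimal low-interaction telnet-style honeypot that records each login attempt and flags the default-password logins described earlier. It is an added example, not code from MHN, Dionaea or the original slides; port 2323, the log file name and the `DEFAULT_CREDS` sample are assumptions chosen for illustration.

```python
import json
import socket
import threading
import time

# Constructed sample of factory-default pairs (an assumption, not from the page).
DEFAULT_CREDS = {("admin", "admin"), ("root", "root"), ("root", "admin")}
MAX_FIELD = 64  # bound attacker-controlled input before it reaches the log
LOG_LOCK = threading.Lock()

def read_field(stream):
    """Read one line, bounded in length, with control characters dropped."""
    raw = stream.readline(MAX_FIELD + 2)
    text = raw.decode("ascii", errors="replace").strip()
    return "".join(ch for ch in text if ch.isprintable())[:MAX_FIELD]

def handle(conn, peer):
    """Fake a telnet login, record what was tried, and always refuse."""
    conn.settimeout(10)
    event = {"ts": int(time.time()), "src_ip": peer[0], "src_port": peer[1]}
    try:
        with conn, conn.makefile("rb") as stream:
            conn.sendall(b"login: ")
            event["username"] = read_field(stream)
            conn.sendall(b"Password: ")
            event["password"] = read_field(stream)
            conn.sendall(b"\r\nLogin incorrect\r\n")  # no shell is ever offered
    except OSError:  # timeouts and resets still produce an event
        event["error"] = "connection aborted"
    creds = (event.get("username"), event.get("password"))
    event["default_credential"] = creds in DEFAULT_CREDS
    return event

def worker(conn, peer, log_path):
    line = json.dumps(handle(conn, peer))
    with LOG_LOCK, open(log_path, "a", encoding="utf-8") as log:
        log.write(line + "\n")

def serve(host="0.0.0.0", port=2323, log_path="honeypot.jsonl"):
    """Accept forever, one thread per connection, one JSON line per attempt."""
    with socket.create_server((host, port)) as srv:
        while True:
            conn, peer = srv.accept()
            threading.Thread(target=worker, args=(conn, peer, log_path),
                             daemon=True).start()

if __name__ == "__main__":
    serve()
```

Each JSON line gives the source address and the credentials that were tried, so a spike in `default_credential: true` events points at automated scanning for unconfigured devices.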