"Let’s Get Physical"
Cyber Security in an IP-Enabled World
A simple, easy to use, online, B2B procurement portal for purchasing products and services to identify, minimise and manage the security threat to business data.
www.riskfactory.com
Encryption Cracking, Data Slurping, Cookies, Script Scrapers, Script Kiddies, Spyware, Mockingbirds, Road Apples, Zombies, Spim, Malware, Botnets, SQL Injection, Spoofers, Google Hacking, Stealth Bombs, Port Scanning, Worms, Root Kits, Backdoors, Pharming, War Driving, Crackers, Eavesdropping, Steganography, Denial of Service Attacks, X-Site Scripting, Crawlers, Ear Wigging, Phishing, Man-in-the Middle Attacks, Adware, Data Mining, Suppression, Screen Grabbers, Fingerprinting, Viruses, Stripping, Smurfing, Social Engineering
Always do whatever's
next…

• Wireless

• Bluetooth

• Cloud
Our Internet Based On…
• 60’s concepts, requirements &
  funding

• 70’s computing environments

• 80’s operating systems,
  applications, networks, and
  programming languages

• 90’s security technology

• 2000’s operational and
  business practices
The End is Nigh

In the next 2 years the present IP address space (IPv4) will reach its capacity.
Birth Follows Every Death

It will be replaced by IPv6, which has addresses enough (about 5 × 10^28) for each of the 6.8 billion human beings on the planet.
In Other Words...

Every human being on the planet could have their own personal network the size of today’s internet.
Why?

• The Internet is preparing to leave its virtual
  world and enter our physical world.
• IPv6 provides an infrastructure for
  assigning IP addresses to physical “things”
• The networking of the virtual world to the
  physical world
• The networking of “things”
• Evolution: from a network of
  interconnected computers to a network of
  interconnected objects …
The "average" person owns somewhere between 1000 and 5000 things – possessions.
Imagine

 • What if you could put them all on your own
   network?
 • Have a complete inventory of everything you own
   and know where it is – real-time?
 • What if you could connect this network of your
   things to other networks and interact?
 • Life on this planet would be significantly and
   profoundly changed.
 • We’d never run out of anything.
 • No more theft as we know it – we’d know exactly
   where things are at any given moment
   anywhere on the planet
Wake Up

 • It’s already here
 • Internet of Things (IoT)
 • Concept founded by Auto-ID Centre at MIT back in 1999
 • Phase 1 underway, bottom up, level-specific functionality
 • Internet Protocol for Smart Objects (IPSO) Alliance founded 2008
IoT Characteristics


 Pervasive: present throughout

 Ubiquitous: everywhere at the same time

 Evolving: constantly changing

 Global: everywhere on this planet
Beyond Accidental




"Anytime, anywhere, by anyone and everything"
A Day in the Life…
First Things First


• Everything on the electrical grid - first

• Balance of power (grids)
  – Plant to substations
  – Substations to lines
  – Lines to transformers
  – Transformers to homes
Second Things Second


• Any “thing” with a power source to
  any “thing” with a power source
  and vice versa…

  – Refrigerator to a television
  – Toaster to smoke detector
  – Fire alarms to ovens
  – Smoke detectors to gas supplier
And Last But Not Least

• Any “person” to any “thing” or any person?

  – You to your house
  – You to your appliances
  – You to your car
  – You to your….
Communication is Key

 • Need mobile “smart” communication
   devices to connect:

   – Things to things
   – People to things

 • IP Smart Objects (IPSO)
    • RFID chip the leader
IoT Language


Hello: My UID is 1234567fa and my challenge is X4665

Bonjour: My UID is af7654321 and the answer to your challenge is Ab455839
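
The hello/answer exchange on this slide, written out as an added example that is not part of the original deck. It assumes a pre-shared key per device pair and HMAC-SHA256, neither of which the slide specifies; the `Device` class and its method names are hypothetical, the UIDs are the slide's, and keys and challenges are generated at run time.

```python
import hashlib
import hmac
import secrets
import time

TAG_UID = "1234567fa"       # UIDs as printed on the slide
READER_UID = "af7654321"


def _mac(key, challenger, responder, challenge):
    """HMAC over length-prefixed fields so field boundaries are unambiguous.

    Binding both UIDs into the MAC stops an answer computed for one pair of
    devices from being accepted by another pair that shares nothing with it.
    """
    fields = (challenger.encode(), responder.encode(), challenge.encode())
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class Device:
    """One side of the exchange (hypothetical model, not an IPSO API)."""

    def __init__(self, uid, peer_keys, max_age=5.0):
        self.uid = uid
        self.peer_keys = peer_keys   # {peer UID: shared key bytes}
        self.max_age = max_age       # seconds a challenge stays valid
        self.pending = {}            # challenge -> time it was issued

    def hello(self, now=None):
        """'Hello: my UID is ... and my challenge is ...'"""
        now = time.monotonic() if now is None else now
        challenge = secrets.token_hex(16)   # fresh 128-bit value every time
        self.pending[challenge] = now
        return {"uid": self.uid, "challenge": challenge}

    def answer(self, hello_msg):
        """'Bonjour: my UID is ... and the answer to your challenge is ...'"""
        key = self.peer_keys[hello_msg["uid"]]
        return {
            "uid": self.uid,
            "challenge": hello_msg["challenge"],
            "answer": _mac(key, hello_msg["uid"], self.uid,
                           hello_msg["challenge"]),
        }

    def verify(self, reply, now=None):
        """Check a reply against a challenge this device issued itself."""
        now = time.monotonic() if now is None else now
        # pop() makes every challenge single-use, which defeats replays.
        issued = self.pending.pop(reply["challenge"], None)
        if issued is None:
            return (False, "unknown or reused challenge")
        if now - issued > self.max_age:
            return (False, "challenge expired")
        key = self.peer_keys.get(reply["uid"])
        if key is None:
            return (False, "unknown peer UID")
        expected = _mac(key, self.uid, reply["uid"], reply["challenge"])
        # Constant-time comparison: no timing hint about how many characters matched.
        if not hmac.compare_digest(expected, reply["answer"]):
            return (False, "bad answer")
        return (True, "ok")


def run_demo():
    """Genuine reply, replayed reply, wrong-key reply and late reply."""
    key = secrets.token_bytes(32)
    tag = Device(TAG_UID, {READER_UID: key})
    reader = Device(READER_UID, {TAG_UID: key})
    results = {}

    reply = reader.answer(tag.hello(now=0.0))
    results["genuine"] = tag.verify(reply, now=1.0)
    results["replayed"] = tag.verify(reply, now=2.0)   # same bytes, sent again

    # A device that claims the reader's UID but was never given the key.
    impostor = Device(READER_UID, {TAG_UID: secrets.token_bytes(32)})
    results["wrong_key"] = tag.verify(impostor.answer(tag.hello(now=10.0)),
                                      now=10.5)

    results["expired"] = tag.verify(reader.answer(tag.hello(now=20.0)),
                                    now=30.0)
    return results


if __name__ == "__main__":
    for case, outcome in run_demo().items():
        print(case, outcome)
```

Knowing a UID proves nothing on its own, since UIDs travel in the clear; only the keyed answer to a fresh challenge does.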
Communication
Framework

Netless is an anamorphic structure of nodes capable of holding some amount of digital data. Each node is a small, low-power wireless digital transponder. There is no permanent network connection. Every time a node appears in the vicinity of another node, the two establish a wireless link and swap the data that was stored internally.

Keywords: permission-less, parasitic network, off-line data-sharing, city-net, WAN, othernet, decentralized, node-network, sneakernet, sensor-network, grassroots-network, wireless.
Looks Like
Soylent Green is People!

Newly developed ‘RFID Powder’, as invisible as a speck of dust: 0.05 mm x 0.05 x 0.005 mm

Chips are packed with 128 bits of static memory, enough to store a unique 38-digit ID number, 2.45 GHz, 1 mW

Can be embedded directly into pieces of paper

Current favored application: anti-counterfeiting
Already There

• Retail stores using RFID for
  stock control
• Vehicles paying by RFID on
  motorways
• Cows, Dogs, Cats, Sheep
  implanted with RFID chips
• Consumer products from
  cars and mobiles to
  children’s tennis shoes now
  equipped with GPS RFID
  chips
Security Requirements

Can our current C.I.A. definition fit the IoT?

Pervasive: present throughout?

Ubiquitous: everywhere simultaneously?

Emerging: constantly evolving?

Global: everywhere on this planet?
Application Challenges
IP Challenges

Packet spoofing
Network traffic analysis
Device analysis
Device spoofing
Encryption
Key distribution
Privacy protection
Identity protection
Identity and identifier management
IPSO Challenges

• Devices are not reachable
  – Most of the time a device is not connected
• Devices can be lost and stolen
  – Makes security difficult when the device is not connected
• Devices are not crypto-engines
  – Strong security difficult without processing power
• Devices have finite life
  – Credentials need to be tied to lifetime
• Devices are transportable
  – Will cross borders
• Devices need to be recognised by many readers
Privacy Challenges

• What things you own
• Where you bought them
• The price you paid for
  them
• Where they are located
• What you use them for
• How often you use them
• What they connect to
• Who they connect to
Fraud Challenges


 • "Thing" Theft

 • Counterfeit

 • Piracy
Professional Challenges

• See the bigger picture - now
• Anticipate the potential problems
• Security professionals are always
  “catching up” to technology
• Step up. Consider the implications of
  the next world of networked things
• Prepare for it – now
• Lead - Don’t follow.
26 Dover Street
London
United Kingdom
W1S 4LY
+44 (0)20 3586 1025
+44 (0)20 7763 7101 (fax)

Risk Factory: Let's Get Physical

  • 1. "Let’s Get Physical" Cyber Security in an IP-Enabled World
  • 2. A simple, easy to use, online, B2B procurement portal for purchasing products and services to identify, minimise and manage the security threat to business data. www.riskfactory.com
  • 3. Encryption Cracking Data Slurping Cookies Script Scrapers Script Kiddies Spyware Mockingbirds Road Apples Zombie Spim M alwar Botnets s SQL Injection Spoofers e Google Stealth Bombs Port Scanning Hacking Worm Root Kits Backdoors s Pharmin War Crackers gEavesdropping Steganography Driving Denial of Service Attacks X-Site Crawler Ear Wigging Scripting s Phishing Man-in-the Middle Adware Data Mining Attacks Suppression Screen Grabbers Fingerprinting Viruses Stripping Smurfing Social Engineering
  • 4. Always do whatever's next… • Wireless • Bluetooth • Cloud
  • 5. Our Internet Based On… … • 60’s concepts, requirements & funding • 70’s computing environments • 80’s operating systems, applications, networks, and programming languages • 90’s security technology • 2000’s operational and business practices
  • 6. The End is Neigh In the next 2 years the present IP address space (IPv4) will reach its capacity.
  • 7. Birth Follows Every Death It will be replaced by IPv6 which has addresses enough (about 5x10 to the 28 th power) for each of the 6.8 billion human beings on the planet.
  • 8. In Other Words... Every human being on the planet could have their own personal network the size of today’s internet.
  • 9. Why? • The Internet is preparing to leave its virtual world and enter our physical world. • IPv6 provides an infrastructure for assigning IP addresses to physical “things” • The networking of the virtual world to the physical world • The networking of “things” • Evolution: from a network of interconnected computers to a network of interconnected objects …
  • 10. The "average" person owns somewhere between 1000 and 5000 things – possessions.
  • 11. Imagine • What if you could put them all on your own network? • Have a complete inventory of everything you own and know where it is – real-time? • What if you could connect this network of your things to other networks and interact? • Life on this planet would be significantly and profoundly changed. • We’d never run out of anything. • No more theft as we know it – we’d know exactly where things are at any given moment anywhere on the planet
  • 12. Wake Up • It’s already here • Internet of Things (IoT) • Concept founded by Auto-ID Centre at MIT back in 1999 • Phase 1 underway, bottom up, level-specific functionality • Internet Protocol for Smart Objects (IPSO) Alliance founded 2008
  • 13. IoT Characteristics Pervasive: present throughout Ubiquitous: everywhere at the same time Evolving: constantly changing Global: everywhere on this planet
  • 14. Beyond Accidental "Anytime, anywhere, by anyone and everything"
  • 15. A Day in the Life…
  • 16. First Things First • Everything on the electrical grid - first • Balance of power (grids) – Plant to substations – Substations to lines – Lines – transformers – Transformers to homes
  • 17. Second Things Second • Any “thing” with a power source to any “thing” with a power source and vice versa… – Refrigerator to a television – Toaster to smoke detector – Fire alarms to ovens – Smoke detectors to gas supplier
  • 18. And Last But Not Least • Any “person” to any “thing” or any person? – You to your house – You to your appliances – You to your car – You to your….
  • 19. Communication is Key • Need mobile “smart” communication devices to connect: – Things to things – People to things • IP Smart Objects (IPSO) • RFID chip the leader
  • 20. IoT Language Hello: My UID is 1234567fa and my challenge is X4665 Bonjour: My UID is af7654321 and the answer to your challenge is Ab455839
  • 22. Framework Netless: is an anamorphic structure of nodes that is capable of holding some amounts of digital data. Each node is a small, low-power wireless digital transponder. There is no permanent network connection. Every time any node would appear in the vicinity of any other node - they would establish a wireless link and swap the data that was stored internally. Keywords: permission-less, parasitic network, off-line data-sharing, city-net, WAN, othernet, decentralized, node-network, sneakernet, sensor-network, grassroots-network, wireless.
  • 24. Soylent Green is People! Newly developed ‘RFID Powder’, as invisible as a speck of dust: 0.05 mm x 0.05 x 0.005mm Chips are packed with 128 bits of static memory, enough to store a unique 38-digit ID number, 2.45 GHz, 1mW Can be embedded directly into pieces of paper Current favored application: anti-counterfeiting
  • 25. Already There • Retail stores using RFID for stock control • Vehicles paying by RFID on motorways • Cows, Dogs, Cats, Sheep implanted with RFID chips • Consumer products from cars and mobiles to children’s tennis shoes now equipped with GPS RFID chips
  • 26. Security Requirements Can our current C.I.A. definition fit the IoT? Pervasive: present throughout? Ubiquitous: everywhere simultaneously? Emerging: constantly evolving? Global: everywhere on this planet?
  • 28. IP Challenges Packet spoofing Network traffic analysis Device analysis Device spoofing Encryption Key distribution Privacy protection Identity protection Identity and identifier management
  • 29. IPSO Challenges • Devices are not reachable – Most of the time a device is not connected • Devices can be lost and stolen – Makes security difficult when the device is not connected • Devices are not crypto-engines – Strong security difficult without processing power • Devices have finite life – Credentials need to be tied to lifetime • Devices are transportable – Will cross borders • Devices need to be recognised by many readers
  • 30. Privacy Challenges • What things you own • Where you bought them • The price you paid for them • Where they are located • What you use them for • How often you use them • What they connect to • Who they connect to
  • 32. Fraud Challenges • "Thing" Theft • Counterfeit • Piracy
  • 33. Professional Challenges • See the bigger picture - now • Anticipate the potential problems • Security professionals are always “catching up” to technology • Step up. Consider the implications of the next world of networked things • Prepare for it – now • Lead - Don’t follow.
  • 34. 26 Dover Street London United Kingdom W1S 4LY +44 (0)20 3586 1025 +44 (0)20 7763 7101(fax)
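
The UID-plus-challenge exchange on slide 20, combined with the slide 29 point that credentials need to be tied to device lifetime, can be sketched as follows. This is an added example, not code from the presentation: the use of HMAC-SHA256, the per-device shared key, the `Challenger` class and the numeric timestamps are all assumptions; only the UID is taken from slide 20.

```python
import hashlib
import hmac
import secrets

def answer(key: bytes, uid: str, challenge: str) -> str:
    """Responder side: MAC over its own UID and the challenge it was sent."""
    return hmac.new(key, f"{uid}|{challenge}".encode(), hashlib.sha256).hexdigest()

class Challenger:
    """Hypothetical verifier: registry maps uid -> (key, expiry); challenges are single-use."""
    def __init__(self, registry):
        self.registry = registry
        self.pending = {}

    def hello(self, peer_uid: str) -> str:
        self.pending[peer_uid] = secrets.token_hex(16)  # fresh nonce per exchange
        return self.pending[peer_uid]

    def verify(self, peer_uid: str, response: str, now: int) -> str:
        challenge = self.pending.pop(peer_uid, None)  # consumed even when the check fails
        entry = self.registry.get(peer_uid)
        if challenge is None or entry is None:
            return "reject: no outstanding challenge for this UID"
        key, expires_at = entry
        if now >= expires_at:
            return "reject: credential past device lifetime"
        if not hmac.compare_digest(answer(key, peer_uid, challenge), response):
            return "reject: wrong answer"
        return "accept"

def demo():
    uid, key = "af7654321", secrets.token_bytes(32)  # UID from slide 20; key is constructed
    a = Challenger({uid: (key, 1000)})               # expiry 1000 is a constructed timestamp
    results = {}
    c = a.hello(uid)
    good = answer(key, uid, c)
    results["genuine"] = a.verify(uid, good, now=10)
    results["replay"] = a.verify(uid, good, now=11)  # captured answer presented again
    c = a.hello(uid)
    results["spoofed"] = a.verify(uid, answer(b"guessed-key", uid, c), now=12)
    c = a.hello(uid)
    results["expired"] = a.verify(uid, answer(key, uid, c), now=1000)
    return results

if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:8} {outcome}")
```

The replay and spoofed cases correspond to the packet spoofing and device spoofing items on slide 28; the expired case shows a credential that is still cryptographically valid being refused because the device's registered lifetime has ended.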

Editor's notes

  1. Give out cards
  2. Give out cards
  3. Oldest crime on record – not prostitution First recorded case of identity theft Bible: Genesis XXX