CYBERSECURITY AND THE INTERNET OF THINGS
Chris Biedermann
Chief Financial Officer, Chief Data Security Officer – Emitel
PhD Student – Warsaw University of Technology
Information is Everywhere
• Why a discussion on “The Internet of Things” at a conference on Information Services?
• With the dramatic growth in connected devices, information is now effectively accumulated and stored in a vast array of common devices
• Commonplace “things” that in the past posed no security risk now need to be thought of in a different light
• Source of confidential information that needs to be adequately protected
• End point that can be used to attack larger systems
• The basic tenets of cybersecurity (“CIA”) need to be incorporated into how we view everyday devices
What is “IOT”
• IOT – the “Internet of Things”
• A growing universe of “things” that are now connected to the internet
• Includes appliances, switches, cars, medical devices, etc.
• Connecting to the internet opens up a vast array of new opportunities
The IoT
Connecting a myriad of devices (actuators and sensors) with each other and to higher level processing centers in the cloud
- Cloud can utilize more sophisticated algorithms
- Cloud can store massive amounts of data collected for more intelligent analysis (data mining)
Communication performed utilizing the internet and internet protocols
Growth of the IoT
• Still in the early stage
• Gartner estimates that by 2020 over 20 billion IoT connected devices will be in place
• Ericsson predicted that by the end of 2018 there will be more IoT connections than phone subscriptions
Source: NCTA, Gartner
IoT Growth will bring new opportunities
• Smart Home
• Smart City
• Smart Medical Devices
• Self Driving Cars
New sources of risks
• New ways to hack or disrupt systems
• New sources of data privacy concerns
• All sorts of everyday “things” may be storing potentially confidential and personally identifiable information
• Day to day habits of consumers will be tracked in ways not seen before
• All this data has value for both legitimate and non-legitimate persons
Case Study: example of IoT security risk
• Example - DDoS Attack in October 2016
• DDoS attack utilized distributed computers to overwhelm a target server
• Unknown group launched the attack (using Mirai botnet) on DNS server that served major corporations such as Amazon, Twitter, Netflix
• Unique as the attack utilized vulnerabilities in common IoT devices (e.g. smart TVs) to carry out the attack
Infected devices found in over 164 countries
• Devices that were most vulnerable and therefore most likely hijacked were home security systems, home monitoring cameras and smart TVs
Poor security practices are primarily to blame
• The malicious software (Mirai) found easy targets by scanning IP addresses looking for poorly secured devices
• Many simple IoT devices such as IP cameras or smart TVs did not have passwords changed from default ones
• In some cases the devices had hardcoded passwords that could not be changed
• Once attackers had control of the device they could use it to launch the DDoS attack
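Added example (not part of the original slides): from the defender's side, the scanning described above shows up as one device on the network contacting many different addresses on Telnet ports in a short time. The log format, addresses, window and threshold below are assumptions made for the illustration; ports 23 and 2323 are the Telnet ports Mirai is known to have probed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Telnet ports probed by Mirai-style scanners.
TELNET_PORTS = {23, 2323}


def parse_line(line):
    """Parse 'ISO-timestamp src_ip dst_ip dst_port' (assumed format); None if malformed."""
    parts = line.split()
    if len(parts) != 4:
        return None
    ts, src, dst, port = parts
    try:
        return datetime.fromisoformat(ts), src, dst, int(port)
    except ValueError:
        return None


def find_scanners(lines, window=timedelta(seconds=60), threshold=20):
    """Return {src_ip: peak count} for sources that contacted at least
    `threshold` distinct destinations on Telnet ports within any `window`."""
    events = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that do not match the expected format
        ts, src, dst, port = rec
        if port in TELNET_PORTS:
            events[src].append((ts, dst))

    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        in_window = defaultdict(int)  # destination -> hits inside the window
        peak = 0
        for ts, dst in evs:
            in_window[dst] += 1
            # Drop events that have fallen out of the sliding window.
            while ts - evs[start][0] > window:
                old = evs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= threshold:
            flagged[src] = peak
    return flagged


def build_sample_log():
    """Constructed sample data (documentation address ranges, invented hosts)."""
    base = datetime(2024, 1, 1, 11, 0, 0)
    lines = []
    # Compromised camera: 30 different targets in 30 seconds on 23/2323.
    for i in range(30):
        ts = (base + timedelta(seconds=i)).isoformat()
        port = 23 if i % 2 == 0 else 2323
        lines.append(f"{ts} 192.168.1.50 198.51.100.{i + 1} {port}")
    # Laptop browsing: many destinations, but HTTPS only.
    for i in range(40):
        ts = (base + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 192.168.1.20 203.0.113.{i + 1} 443")
    # Admin workstation: repeated Telnet sessions to a single router.
    for i in range(25):
        ts = (base + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{ts} 192.168.1.30 192.168.1.1 23")
    # Slow scanner: one new Telnet target every five minutes.
    for i in range(25):
        ts = (base + timedelta(minutes=5 * i)).isoformat()
        lines.append(f"{ts} 192.168.1.60 198.51.100.{100 + i} 23")
    lines.append("malformed line")
    return lines


if __name__ == "__main__":
    log = build_sample_log()
    print("60 s window:", find_scanners(log))
    # A short window misses the slow scanner; a longer one catches it.
    print("3 h window: ", find_scanners(log, window=timedelta(hours=3)))
```

Counting distinct destinations rather than connections keeps the admin workstation, which talks to one router many times, out of the results.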
Implications
• Hijacking of devices
• Mirai example
• Baby monitors
• Japanese toilet example
• Many devices track non-standard personal information (e.g. track behaviors of people) – information is valuable and can be sold
• What are we doing
• What are we using
• Where are we going
• Significant improvement in overall state of IoT Security required
IoT security – underlying issues
• It was estimated that less than 10% of IoT devices on the market are designed with adequate security
• Lack of consumer awareness
• IoT devices however present unique new challenges – they tend to have lower processing power and memory than traditional connected devices – difficulties with
• Encryption methodologies
• Automatic patching and updates
• Installation of anti-virus programs
• Lack of standards
Source: IoT Security Foundation
Potential Solutions
• Technologies will improve to provide some solutions
• However other fundamental changes need to take place
• Drive for open standards
• In most cases today systems from different producers operate in silos and cannot talk to each other
• Industry change and consolidation
• Many smaller players developing proprietary systems
• Consumer education
Considerations for average consumer
• Awareness – know what devices are connected and the associated risks
• Any malware placed on computing devices (e.g. PC, tablet, phone) can be used to access IoT devices on the same network
• Similar guidelines as with PCs
• Always change default passwords
• Create strong passwords (e.g. I*have*3*children)
• Social Engineering
• Be careful of phishing emails
Questions?

Christopher Biedermann, EmiTel Ltd: Cybersecurity and the Internet of Things
