The past decade has seen explosive growth in the use and deployment of IoT (Internet of Things) devices. According to Gartner there will be about 20.8 billion IoT devices in use by 2020. These devices are seeing wide spread adoption as they are cheap, easy to use and require little to no maintenance. In most cases,setup simply requires using a web or phone app to configure Wi-Fi credentials. Digital home assistants, security cameras, smart locks, home appliances, smart switches, toys, vacuum cleaners, thermostats, leakage sensors etc are examples of IoT devices that are widely used and deployed in home and enterprise environments.
Threat actors look to exploit IoT devices
The threat landscape is constantly evolving, and threat actors are always on the prowl for new vulnerabilities they can exploit to launch attacks. With traditional attack methods yielding fewer exploits – due to the increased focus on security testing, frequent patches, increased user awareness of security threats, and the use of network security software and devices – threat actors have turned their attention to the billions of IoT devices and are exploiting inherent vulnerabilities in these devices. The vulnerabilities, always ON nature, and autonomous mode of operation of the devices allow attackers to spy on users, spoof data, or leverage them as botnet infrastructure to launch devastating attacks on third parties. Mirai, a well known IoT malware utilized hundreds and thousands of enslaved IoT devices to launch DDoS attacks on Dyn affecting access to Netflix, Twitter, Github, and many other websites. With the release of the Mirai source code numerous variants of the malware are infecting IoT devices across the world and using them to carry out attacks.
These attacks are made possible because the devices are manufactured without security in mind!. KrebsOnSecurity lists a set of devices that were targeted by Mirai. Most of them have been shipped with hard-coded default credentials for login/telnet/ssh access making them inherently unsecure and difficult to patch with software updates. The large diversity of IoT devices, and their increasing adoption, makes it imperative for network security practitioners and enterprises to consider the risks and challenges these devices pose, and mold their network security posture and protocols to ensure safety and security of the network.
Participate in a hands-on challenge
At the Black Hat vs White Hat demo booth (in the DevNet Zone at Cisco Live), we will demonstrate hacking a widely available off-the-counter IP Camera and SOHO (Small Office, Home Office) router. Through a hands-on lab, Black Hat participants posing as hackers will exploit vulnerabilities present in these devices to get on the network, steal personal data, spy on the user, deploy malware, disrupt operation, and steal the coveted prize! The second half of the demo will have the participants don their White Hats and see the same hacks unfold from a network security perspective. It will showcase Cisco Security products (like the Firepower Management Center, Next Generation Firewall-NGFW and others) and demonstrate how they block the exploitation of vulnerabilities present in the IoT device and automatically receive the latest security updates to keep the enterprise safe and secure from current and future threats.
So come hack, defend, and win by playing the Black Hat White Hat Challenge at the DevNet Zone. Find details in our DevNet Zone Activity Guide! Have a question?…drop me a comment on this blog.
See you in Barcelona!