Introduction to IoT Security
1. What is IoT Security?
2. Why it is so important? W
3. IoT Security Challenge
4. Divide 4
5. Learning concepts
6. Need a hardware to break hardware
the technology area concerned with safeguarding connected devices and networks in the internet of things Simply : we need to secure the device which is connected to internet IoT - Internet of things IIoT - Industrial internet of things (Automobile) OT - Operational Technology(ICS/SCADA)
Unnecessary ports opened • Insufficient testing and updating issues • IoT malware and ransomware • Data security and privacy concerns (mobile, web, cloud) • Lack of encryption • Authentication and authorization issues
Open ports and running services • Hardcoded data like api keys , URLs , certificates , passwords • Using publicly available exploits like blue borne • Using Metasploit payloads and exploits • Spidering the web for login forms and parameter • Protocols information gathering • Looking for plaintext information • Tools : burp , curl , Nikto , dirb , Nmap , Metasploit , brute force tools , hci tool , nRF connect app,
locations on embedded applications • Enumerating data of device from search engines - Shodan , fofa, Censys, zoomeye • Dorks for devices - Shodan and zoom eye • Hashing breaking • Communication Protocols testing – with Wireshark and other proxy tools • Firmware analysis static • Software application testing (thick client) • Datasheets and reconnaissance about the devices • Tools : exploit,