The Spread of Cyberthreats: How Hackers Are Connecting with Smart Buildings

© 2018 Irdeto. All Rights Reserved. – www.irdeto.com 15:15 The Spread of Cyberthreats: How Hackers Are Connecting with Smart Buildings David Jones, Irdeto Sponsored by

Page 1

15:15 The Spread of Cyberthreats: How Hackers Are Connecting with Smart Buildings David Jones, Irdeto


Page 2

The Spread of Cyberthreats: How Hackers are Connecting with Smart Buildings

David W. Jones

November 2018

Page 3

§ DISCLAIMER: The trends and technologies included in this presentation may:

§ Cause distrust in your IoT devices and applications.

§ Become a factor in your IoT Smart Building strategic planning.

§ Be a catalyst for budgetary review & additional cybersecurity spend from your board.

Page 4

Top 5 Non-Consumer IoT Projects 2018*

| # | Category | Total (%) | Americas (%) | Europe (%) | APAC (%) |
|---|----------|-----------|--------------|------------|----------|
| 1 | Smart City | 23 | 34 | 45 | 18 |
| 2 | Connected Industry | 17 | 45 | 31 | 20 |
| 3 | Connected Building | 12 | 53 | 33 | 13 |
| 4 | Connected Car | 11 | 54 | 30 | 12 |
| 5 | Smart Energy | 10 | 42 | 35 | 19 |
|   | Others (incl: Health, Agri, Retail, Supply Chain) | 27 | - | - | - |

§ IoT Security Spending*
  § Device Auth/Identity – 16.2%
  § Activity Monitoring – 13%

*source: IoT Analytics, Jan 2018 [excludes consultancy], based on 1,600 global publicly announced projects

Page 5

Global Market Forecast: 2016 - 2022

§ Smart lighting, switches and controllers leading growth.

§ Growth in thermo and contact/occupancy sensors.

Q: How is the software on these devices architected, tested, and maintained?

Q: What is the undeniable business benefit to automation – justifying potential cyber risk?

[Chart: Building Automation Systems Wireless Field Equipment Shipments (in Millions) by Device Type. Source: ABI Research 2018]

Page 6

Smart Building Benefits

§ Smart Location Management
  ✓ Conference Rooms
  ✓ Parking
  ✓ Maintenance
  ✓ Collaboration
  ✓ Usage/flow/timing

§ Data Analytics

§ Efficiency
  ✓ Solar
  ✓ Thermal Energy
  ✓ Lighting

§ Physical Security/Access

§ Change Management

Page 7

IoT Platforms – Strengths & Gaps

[Architecture diagram; labels: Connected Facility, SDK, Edge Processing, Secure Communication, Cloud Infrastructure, Storage, Visualization, Analytics, Device Management, Monitoring and Actions, Applications]

§ Large IoT platform providers use similar architectures and offer similar capabilities
§ Platform features/attributes are often intentionally left open or undefined for purpose of scale and reach

Strengths:
§ Standard certificate authority functionality
§ Tools for securing cloud infrastructure
§ Secure comms based on TLS
§ PKI-based credentials for apps & devices

Gaps:
§ In-foundry & in-factory provisioning
§ Security of the IoT (edge) devices themselves
§ On-premises / non-cloud use cases
§ Limited support for non-PKI security
§ Vertical-specific device lifecycle management

Page 8

Business Threats from Unsecured Platforms/Software

BRAND DAMAGE
"NY Times reported that my products were the source of the Internet outage across Europe!"

IP LEAKAGE
"Our algorithm is our bread & butter! The company’s future depends on it!"

COMPROMISED SAFETY
"Our Safety systems ensure our products don’t harm people!"

IDENTITY THEFT
"How do I know that the device I am connected to is really my device?"

NEXT GEN RANSOMWARE
"All our PCs are secure from Ransomware…. But what about the 10 times that in connected devices?"

Page 9

Problem: All Software is Vulnerable

§ Hacking is a business - Hackers profit by scaling their modified versions of software & stealing secrets

§ Today’s IoT devices are prime targets for Botnets, Ransomware 2.0, and other malware

§ Tech advances are empowering an increasingly capable and tech-savvy hacker

§ Open source and hacker collaboration make for “easy learning”

§ Result: Unsecured software is as readable as a book

Page 10

Hacks Damage Brand, Intellectual Property, Safety and Cost $$$$

Page 11

Mirai Botnet (2016 ->)

§ An early glimpse of IoT vulnerabilities.

§ DDoS – Distributed Denial of Service.

§ Searched the internet for open Telnet ports, tried 61 default passwords to gain access*.

§ Impacted 300k devices – grew beyond scope of intended purpose to 164 countries*.

§ Hacker openly posted the code online for others to use/modify/deploy.

§ Those responsible pleaded guilty in 2017 to serve 5-10 years in prison**.

§ A new version in May 2018 (Hide & Seek) adds new exploits to the Mirai Botnet code***.

*source: https://www.csoonline.com/article/3258748/
**source: https://www.engadget.com/2017/12/13/mirai-botnet-creators-guilty-plea/?guccounter=1
***source: https://www.zdnet.com/article/mirai-botnet-adds-three-new-attacks-to-target-iot-devices/

Page 12

Consider the Balance of the Different Businesses

Security Spend

Hacker Profit

Page 13

Thought Process?

Developer: Do I have any code vulnerabilities in the lock tumbler?

Security Architect: I need to have a strong lock on the front door, steel frame, locking windows and alarm system on all ground floor openings – and restricted network access

Hacker: Test vulnerabilities on target remotely, weaponize with success, identify next target, and repeat

Page 14

What do Hackers Look For?

Your Data
Intellectual Property
Personal Information

The Path to Your Data
Break the crypto
Look for patterns

Put the Two Together
$$
Leverage

Page 15

Hacker’s View | No Protection

STRAIGHT PATH
CLEAR VISIBILITY

Page 16

Reverse Engineering

Page 17

Remember, Code is Readable

REVERSE ENGINEERING TO FIND DECRYPTED DATA

Page 18

An Attacker has the Advantage

§ Most people don’t think maliciously.

§ You release your product. Attacker may not. Forensics of a hack can be difficult.

§ Hacking is magic to most people.

§ Some Hacking Groups are very well-funded

Page 19

Anatomy of an Attack

ATTACK SURFACE
§ The Device (the most focus)
§ Smartphone app (everyone has one)
§ Communications
§ The things the device connects to
§ Cloud (via the Internet)

PHASES OF AN ATTACK
§ Investigation
§ Leverage a weakness
§ Modify and repeat
§ Create an attack
§ Scale the attack
§ $$$$

Page 20

“My Data is Safe Because it’s Encrypted…”

But the Attack is Different on Exposed Endpoints

§ “Yes, brute forcing encryption is not feasible if proper key entropy is used.”

§ With endpoint access, attackers wait for you to decrypt the data, then take it.

§ So, the attacker goal is to gain privileged access to an endpoint.

Page 21

Security Use Cases – the Intersection of Value and Responsibility


Page 22

USE CASE – Services Revenue Protection
Technician Apps

What is it?
§ Smart Buildings driving services growth
§ App enables lower service operation costs
  § supports both query and provisioning

Business Risk
§ Mobile devices contain potential hacker openings
§ Pirated App can be used to “steal” services revenue

Threat Case
§ Apps querying data can be used to gain building system knowledge
  § Hacking / breach PR would impact brand
  § IP or critical data sold to a competing service business
  § Sensitive data can be sold to competitors
§ Apps capable of changing parameters pose risk to safety
  § Service disruption – Production downtime / brand impact
  § Ransomware the building
  § Safety system compromised – Terrorist activity
  § Illegal access to buildings for criminal activity

Page 23

Our SPIDER Model

SPIDER

▪ Software Protection

▪ Integrity

▪ Diversity

▪ Entanglement

▪ Renewability


Page 24

Data Transformation

Data and Source Code: No Protection

• Program deals with data, i.e. encryption keys, VM keys, etc.

• Reverse engineer or attacker wants to look for meaningful values in data as program executes.

• Possible use of debugger to steal the data values as program executes.

Page 25

Data Transformation Protection - Applied

Data and Source Code: With Protection

• Transform data into an alternate encoding both at rest and in execution.

• Data transformation is possible while data is being used.

• Possibility of adding two encoded values together without having to decode them first.

• Creates a more complicated data dependency graph that semantic modeling tools for data are unable to interpret.
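
The bullet about adding two encoded values without decoding them can be shown with a simple affine encoding e = A·x + B (mod 2^32). This is an added illustration, not Irdeto's transformation or code from the presentation; the constants ENC_A and ENC_B and all function names are assumptions chosen for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed parameters for illustration; a protection tool would pick
 * different ones per variable and per build. ENC_A must be odd so that it
 * is invertible modulo 2^32. */
#define ENC_A 0x9E3779B1u
#define ENC_B 0x7F4A7C15u

/* Inverse of an odd number modulo 2^32 (Newton iteration). */
static uint32_t inv32(uint32_t a) {
    uint32_t x = a;               /* correct to 3 bits: a*a == 1 (mod 8) */
    for (int i = 0; i < 5; i++)
        x *= 2u - a * x;          /* each round doubles the correct bits */
    return x;
}

uint32_t enc(uint32_t x) { return ENC_A * x + ENC_B; }
uint32_t dec(uint32_t e) { return inv32(ENC_A) * (e - ENC_B); }

/* enc(x) + enc(y) = A(x+y) + 2B, so subtracting B once yields enc(x+y). */
uint32_t enc_add(uint32_t ex, uint32_t ey) { return ex + ey - ENC_B; }

/* k*enc(x) = A(kx) + kB, so removing (k-1)B yields enc(k*x). */
uint32_t enc_mul_const(uint32_t ex, uint32_t k) {
    return k * ex - (k - 1u) * ENC_B;
}

/* Sum a buffer of encoded readings; the clear readings are never rebuilt. */
uint32_t enc_sum(const uint32_t *ev, int n) {
    uint32_t acc = enc(0);
    for (int i = 0; i < n; i++)
        acc = enc_add(acc, ev[i]);
    return acc;
}

/* Constructed sample: three sensor readings stored only in encoded form. */
uint32_t demo_total(void) {
    uint32_t readings[3] = { enc(21), enc(40), enc(1000) };
    return dec(enc_sum(readings, 3));   /* decode once, at the trust boundary */
}

int main(void) {
    printf("decoded total = %u\n", demo_total());
    printf("3 * 21 decoded = %u\n", dec(enc_mul_const(enc(21), 3)));
    return 0;
}
```

A debugger watching enc_sum sees only encoded words; the affine form is deliberately simple and stands in for the stronger, per-variable encodings a commercial tool would apply.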

Page 26

Function Inlining Protection - Applied

Source Code: With Protection

• Hide the function call. We clone the function being called and transform each clone differently.

• Embed the called functions into the program.

• Apply inlining protection and hide any external function call.

• Apply control flow flattening to the inlined function.
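
The inlining and control-flow-flattening steps listed above, applied by hand to a small hash routine, look like this. It is an added example, not output of Irdeto's tooling or code from the presentation; the function names, state numbers and sample input are assumptions, and cloning with per-clone transforms is not shown.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Before: a readable helper call inside an ordinary loop (FNV-1a hash). */
static uint32_t mix(uint32_t h, uint8_t b) { return (h ^ b) * 16777619u; }

uint32_t hash_plain(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++)
        h = mix(h, p[i]);
    return h;
}

/* After: mix() is inlined and split in two, and the loop is replaced by a
 * dispatcher. Every block returns to the switch, so the control-flow graph
 * no longer shows which block follows which. State numbers are arbitrary. */
uint32_t hash_flat(const uint8_t *p, size_t n) {
    uint32_t h = 0;
    size_t i = 0;
    int state = 3;
    for (;;) {
        switch (state) {
        case 3: h = 2166136261u;         state = 7; break;  /* init      */
        case 7: state = (i < n) ? 1 : 5;            break;  /* loop test */
        case 1: h ^= p[i];               state = 4; break;  /* mix, xor  */
        case 4: h *= 16777619u; i++;     state = 7; break;  /* mix, mul  */
        case 5: return h;                                   /* exit      */
        default: return 0;                                  /* unreachable */
        }
    }
}

int main(void) {
    const uint8_t msg[] = "zone-3 setpoint";   /* constructed sample input */
    size_t n = sizeof msg - 1;
    printf("plain=0x%08x flat=0x%08x\n", hash_plain(msg, n), hash_flat(msg, n));
    return 0;
}
```

Both functions return the same value for every input; only the shape seen by a disassembler changes, which is why flattening is combined with the data transforms and integrity checks listed elsewhere in the deck.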

Page 27

Combined Software Protection

Source Code: No Protection

Page 28

Combined Software Protection - Applied

Source Code: With Protection

Page 29

Ongoing Security Strategy = Defense in Depth

Columns: Technology | Prevent Analysis (Static, Dynamic) | Prevent Tampering (Static, Dynamic) | Foil Automated Attacks | Renew and Diversify

Data Flow Transforms ✓ ✓ ✓ ✓ ✓ ✓

Control Flow Transforms ✓ ✓ ✓ ✓ ✓

White-box Crypto ✓ ✓ ✓ ✓

Secure Store ✓ ✓ ✓ ✓ ✓ ✓

Integrity Verification ✓ ✓ ✓ ✓

Anti-Debug ✓ ✓ ✓ ✓

Code Encryption ✓ ✓ ✓ ✓ ✓

Page 30

Software Protection

▪ Consists of many techniques and technologies.

▪ Considering the prior slide, the following techniques may be most applicable in a security strategy.


Page 31

Hacker’s View | Advanced Protection

Page 32

Security Design Review

§ Finds and fixes issues at architecture and design stages to avoid costly re-engineering during coding, validation, and release

§ Provides thorough reporting that includes detailed attack trees and attack vectors outlining severity, potential, probability, controllability …

§ Includes multi-dimensional ratings for financial, operational, privacy, and safety risk assessments

§ Offers actionable suggestions for mitigations and recommendations for additional security requirements

Page 33

CONSIDER SECURITY FROM PRODUCT INCEPTION AND FACTOR IN UPDATEABILITY

REGULARLY RENEW YOUR SECURITY

CONSIDER THE FULL ATTACK SURFACE

THINK HOLISTICALLY, THINK EASE OF ATTACK, THINK MULTI-LAYERED DEFENSE

ASK YOUR VENDORS/SUPPLIERS HARD QUESTIONS

Page 34

SECURING DIGITAL ASSETS FOR 20 YEARS

50 MILLION TRANSACTIONS PROTECTED PER DAY

70 MILLION PERSONALIZED SEMICONDUCTOR CHIPS PROVISIONED VIA IRDETO’S KEYS & CREDENTIALS SOLUTION

+5 BILLION DEVICES & APPLICATIONS SECURED

MORE THAN 191 MILLION CRYPTOGRAPHIC KEYS GENERATED AND UNDER MANAGEMENT

Page 35

THANK YOU!

David W. Jones
Sr. Director Global Business Development
m: +31 612 112 737
e: [email protected]

Irdeto
Please visit: www.irdeto.com