Permission error
From its-wiki.no
Josef.Noll (Talk | contribs) (Created page with "{{Meeting |Title=EyeNetworks Fagdag Apr2019 |Place=Månefisken |Date=2019/04/28 |Duration=-29Apr2019 |Organiser=Linda Firveld, |User=Josef.Noll, Jan Pedro Tumusok, Linda Firve...") |
Josef.Noll (Talk | contribs) m |
||
| Line 5: | Line 5: | ||
|Duration=-29Apr2019 | |Duration=-29Apr2019 | ||
|Organiser=Linda Firveld, | |Organiser=Linda Firveld, | ||
| − | |User=Josef.Noll, Jan Pedro Tumusok, Linda Firveld, Maghsoud Morshedi, | + | |User=Josef.Noll, Jan Pedro Tumusok, Linda Firveld, Maghsoud Morshedi, Maunya Doroudi Moghadam, Eren Soyak, Tom Gaffney, Christine Dalebø Gjerdevik, Ted Tøraasen, Geir Arne Rimala, Jan Richard Aspheim, Gry Tveten, Tore R. Andreassen, Jørund Kvamen, Nils Skøld, Martin Jürgensen, |
|Project=IoTSec, SCOTT, | |Project=IoTSec, SCOTT, | ||
| + | |Depiction=Shared Insights 2019 Tillit - Eye Networks.pdf | ||
}} | }} | ||
For Agenda, see: https://eyenetworks.no/display/EN/Shared+Insights+2019%3A+Tillit | For Agenda, see: https://eyenetworks.no/display/EN/Shared+Insights+2019%3A+Tillit | ||
| + | |||
| + | ==Some "take-aways" by Josef == | ||
| + | === Zyxel (Tore R. Andreassen) === | ||
| + | Smart = Vulnerable - Mikko Hyppönen's Law (F-Secure) | ||
| + | |||
| + | Mirai: 1 Mio DE, UK (61 username/passwd) combinations | ||
| + | |||
| + | IoT threats | ||
| + | * 2016 - 5 family threats Remaiten, Mirai, Hajime, Leet | ||
| + | * 2017 Satori, Persiraij, IoT_Reaper, Brickerbot, Amnesia, | ||
| + | * 2018 - 35 family threats: Torai, Hide N'Seek, Satori CoinRobber, ADB.Miner, Mushtik, Prowli, GoScanSSH, VPNFilter, Anarchy, Death, Hakai,… | ||
| + | |||
| + | Router Vulnerabilities: 35%(??) | ||
| + | * "IoT is wild west" (need C-standard for security) | ||
| + | |||
| + | Threat Actors | ||
| + | * Criminals: Cyber Criminals (steal money) | ||
| + | * Hacktivists: political or ideological agenda, or just want publicity | ||
| + | * State Actors: create malware, mass collection of user data - Jeff Bezos (phone cracked by Saudi Arabia), | ||
| + | |||
| + | What do we do? | ||
| + | * No updates = no Internet | ||
| + | * Force default password change | ||
| + | * Patch | ||
| + | * Bug bounty (engage community to tell you the bugs, and pay them…) | ||
| + | * Map your attack surface (partners to update you) | ||
| + | |||
| + | Major privacy concerns through IoT, as data are collected without any operation from the users | ||
| + | |||
| + | === Xyxel === | ||
| + | 79% of the Internet traffic is expected through Wifi and mobile by 2022 (Gartner 2018) | ||
| + | * about 15 devices in average in 2022 | ||
| + | |||
| + | New features in 802.11ax | ||
| + | * Target Wake Time - Battery operated IoT devices - scheduled wake up - and 20 MHz | ||
| + | * 4x increase in capacity | ||
| + | * higher efficiency | ||
Revision as of 18:25, 4 May 2019
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
You do not have permission to edit this page, for the following reason:
| Wiki for ITS | ||||||
|---|---|---|---|---|---|---|
|
|
EyeNetworks Fagdag Apr2019
| Title | EyeNetworks Fagdag Apr2019 |
|---|---|
| Place | Månefisken |
| Date, Time | 2019/04/28, -29Apr2019 |
| Contact Person | Linda Firveld |
| Participants | Josef.Noll, Jan Pedro Tumusok, Linda Firveld, Maghsoud Morshedi, Maunya Doroudi Moghadam, Eren Soyak, Tom Gaffney, Christine Dalebø Gjerdevik, Ted Tøraasen, Geir Arne Rimala, Jan Richard Aspheim, Gry Tveten, Tore R. Andreassen, Jørund Kvamen, Nils Skøld, Martin Jürgensen |
| related to Project | IoTSec, SCOTT |
| Keywords |
| this page was created by Special:FormEdit/Meeting, and can be edited by Special:FormEdit/Meeting/EyeNetworks Fagdag Apr2019 |
| Category:Meeting |
For Agenda, see: https://eyenetworks.no/display/EN/Shared+Insights+2019%3A+Tillit
Some "take-aways" by Josef
Zyxel (Tore R. Andreassen)
Smart = Vulnerable - Mikko Hyppönen's Law (F-Secure)
Mirai: 1 Mio DE, UK (61 username/passwd) combinations
IoT threats
- 2016 - 5 family threats Remaiten, Mirai, Hajime, Leet
- 2017 Satori, Persiraij, IoT_Reaper, Brickerbot, Amnesia,
- 2018 - 35 family threats: Torai, Hide N'Seek, Satori CoinRobber, ADB.Miner, Mushtik, Prowli, GoScanSSH, VPNFilter, Anarchy, Death, Hakai,…
Router Vulnerabilities: 35%(??)
- "IoT is wild west" (need C-standard for security)
Threat Actors
- Criminals: Cyber Criminals (steal money)
- Hacktivists: political or ideological agenda, or just want publicity
- State Actors: create malware, mass collection of user data - Jeff Bezos (phone cracked by Saudi Arabia),
What do we do?
- No updates = no Internet
- Force default password change
- Patch
- Bug bounty (engage community to tell you the bugs, and pay them…)
- Map your attack surface (partners to update you)
Major privacy concerns through IoT, as data are collected without any operation from the users
Xyxel
79% of the Internet traffic is expected through Wifi and mobile by 2022 (Gartner 2018)
- about 15 devices in average in 2022
New features in 802.11ax
- Target Wake Time - Battery operated IoT devices - scheduled wake up - and 20 MHz
- 4x increase in capacity
- higher efficiency
