Some very long page name that will hopefully never get created ABCDEF123

Jump to: navigation, search

EyeNetworks Fagdag Apr2019

Title EyeNetworks Fagdag Apr2019
Place Månefisken
Date, Time 2019/04/29, -30Apr2019
Contact Person Linda Firveld
Participants Josef.Noll, Jan Pedro Tumusok, Linda Firveld, Maghsoud Morshedi, Maunya Doroudi Moghadam, Eren Soyak, Tom Gaffney, Christine Dalebø Gjerdevik, Ted Tøraasen, Geir Arne Rimala, Jan Richard Aspheim, Gry Tveten, Tore R. Andreassen, Jørund Kvamen, Nils Skøld, Martin Jürgensen
related to Project IoTSec, SCOTT
this page was created by Special:FormEdit/Meeting, and can be edited by Special:FormEdit/Meeting/EyeNetworks Fagdag Apr2019

For Agenda, see: See Presentations at:

Some "take-aways" by Josef and Maunya

F-Secure (Tom Gaffney)

Smart = Vulnerable - Mikko Hyppönen's Law (F-Secure)

Mirai: 1 Mio DE, UK (61 username/passwd) combinations

IoT threats

  • 2016 - 5 family threats Remaiten, Mirai, Hajime, Leet
  • 2017 Satori, Persiraij, IoT_Reaper, Brickerbot, Amnesia,
  • 2018 - 35 family threats: Torai, Hide N'Seek, Satori CoinRobber, ADB.Miner, Mushtik, Prowli, GoScanSSH, VPNFilter, Anarchy, Death, Hakai,…

Router Vulnerabilities: 35%(??)

  • "IoT is wild west" (need C-standard for security)

Threat Actors

  • Criminals: Cyber Criminals (steal money)
  • Hacktivists: political or ideological agenda, or just want publicity
  • State Actors: create malware, mass collection of user data - Jeff Bezos (phone cracked by Saudi Arabia),

What do we do?

  • No updates = no Internet
  • Force default password change
  • Patch
  • Bug bounty (engage community to tell you the bugs, and pay them…)
  • Map your attack surface (partners to update you)

Major privacy concerns through IoT, as data are collected without any operation from the users

Zyxel (Tore R. Andreassen)

79% of the Internet traffic is expected through Wifi and mobile by 2022 (Gartner 2018)

  • about 15 devices in average in 2022

New features in 802.11ax

  • Target Wake Time - Battery operated IoT devices - scheduled wake up - and 20 MHz
  • 4x increase in capacity
  • higher efficiency

WAOO (Martin Jürgensen)

WAOO is a Danish Internet Service Provider

WAOO SMART WIFI : The WiFi-set always ensures the most optimal WiFi-signal in all parts of the home using MESH-technology

Conjoint survey shows WiFi was most important (after price) and Speed, speed guarantee, Online storage etc was less important

They typically deliver a set of 2 MESH units

  • 2 units covers approx. 140 m2
  • They are pre-paired + extra clients can be added
  • Single packs sold to small apartments
  • Rental concept – not buy
  • 2/3 is private houses and 1/3 Multi Dwelling Units

Tech facts about WAOO smart WiFi

  • 1600 Mbps 3x3 802.11ac + 2x2 802.11n
  • Wireless MESH Extender
  • Produced by AirTies
  • Factory pre-paired as a set
  • Supports video (multicast) and data
  • Supports Ethernet Backhaul
  • Easy addition of extra unit
  • Config sharing
  • The WiFi-solution can be controlled via a smartphone app

WAOO products:

SMART WIFI APP - Self-service app

  • Easy installation
  • Monitor network (red, Yellow Green)
  • Manage devices
  • Parental control
  • Guest SSID

TV box - which includes a WiFi access point as part of the MESH.