Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Pixels Camp 2017 - Stranger Things the internet version

786 visualizaciones

Publicado el

Much like Eleven and the gang, we at BinaryEdge sometimes are confronted with real monsters. Unlike in the series "Stranger Things" however, the monsters we're faced with take different shapes. Our monsters are usually found in the shape of weird things people connect to the internet. Often we're asked "What is the craziest things you guys have found connected to the internet?" In this talk we intend to answer and show exactly that. If you've seen our previous talks and/or read our "World Security Report" for 2016 (ise.binaryedge.io) you know that we have found some of the weirdest things online. From water dams, to electricity grids, and nuclear laboratory sensors, people simply love connecting things to the internet. And in this talk, we are going to explore the top "things" we've found exposed, talk about the different protocols they use and also allow YOU live on talk to search for your own things! On this talk we will also release our 2017 report, where we show how we detected some of the NSA tools such as Double pulsar. We will also make an interesting reveal on this topic. :)

Publicado en: Tecnología
  • Sé el primero en comentar

Pixels Camp 2017 - Stranger Things the internet version

  1. 1. BinaryEdge.io Be Ready. Be Safe. Be Secure.
  2. 2. Focus on Cybersecurity, Data science and Machine learning. Scale via software, automation and re-usable technology. HEADQUARTERS ENGINEERING TEAM ENGINEERING TEAM ZÜRICH, SWITZERLAND BINARYEDGE
  3. 3. OVERVIEW Look at things that are on the internet and that shouldn’t be there Scare you enough that if you see someone putting something on the in- ternet that they shouldn’t, you would stop them! AGENDA OBJECTIVE
  4. 4. WHO ARE WE? Tiago is the CEO and Data necromancer at BinaryEdge however he gets to meddle in the intersection of data science and cybersecurity by providing his team with lovely problems that they solve on a daily basis. Tiago Henriques
  5. 5. EXPOSING THINGS TO THE INTERNET Types of exposure People Organization
  6. 6. BINARYEDGE
  7. 7. INTERNET OF SHIT
  8. 8. MQTT MQTT MQTT Broker Hospitals Payment information ChatsPower stations Coffee makerCar GPSRadiation meters Prisons MMORPG data SensorsAlarms Power meters Mobile phones tracking software publish subscribe subscribe subscribe We found 37,514 active MQTT brokers How it works and what is out there
  9. 9. MQTT - NUCLEAR
  10. 10. MQTT - HOSPITALS
  11. 11. MQTT - PATIENTS
  12. 12. MQTT - OWNTRACKS - PRIVACY?
  13. 13. MQTT - OWNTRACKS
  14. 14. MQTT - OWNTRACKS
  15. 15. MQTT - OWNTRACKS
  16. 16. MQTT - OWNTRACKS
  17. 17. MQTT - POWER
  18. 18. MQTT - SMS
  19. 19. MQTT - PHONE BACKUP
  20. 20. RDP, VNC, X11 - POWER
  21. 21. RDP, VNC, X11 - POWER
  22. 22. RDP, VNC, X11 - POWER
  23. 23. RDP, VNC, X11 - POWER
  24. 24. RDP, VNC, X11 - POWER
  25. 25. RDP, VNC, X11 - GAS
  26. 26. RDP, VNC, X11 - GAS
  27. 27. RDP, VNC, X11 - GAS
  28. 28. RDP, VNC, X11 - GAS
  29. 29. RDP, VNC, X11 - GAS
  30. 30. RDP, VNC, X11 - PRESCRIPTIONS
  31. 31. RDP, VNC, X11 - HOSPITALS
  32. 32. SCADA - WHAT IS? SCADA (Supervisory Control and Data Acquisition is an industrial automation control system. SCADA systems can be used in different industries Energy Food and beverages Power Oil and gas RecyclingTransportation Water
  33. 33. SCADA - PROTOCOLS BACnet 47808 S7 102 cspv4 2222 dnp3 20000 ATG 10001 modifcon 502 enip 44818 fox 1911 omron 9600 proconos 20547 codesys 1200 pcworx 1962 codesys 2455
  34. 34. SCADA
  35. 35. SCADA
  36. 36. SCADA
  37. 37. SCADA
  38. 38. SCADA
  39. 39. SCADA
  40. 40. NSA
  41. 41. DOUBLEPULSAR Doublepulsar infection count: April 2017 date numberofinfections
  42. 42. COLLABORATION
  43. 43. SECOND NSA TROJAN 23 World count
  44. 44. BASIC RULES OF THE GAME update/ patch segregate/ firewall have a minimum of common sense
  45. 45. BE READY. BE SAFE. BE SECURE. BinaryEdge AG Freigutstrasse 40, 8001 Zurich Switzerland info@binaryedge.io www.binaryedge.io + 41 78 713 40 00 CONTIGENCY THREAT SAFE IRRELEVANT

×