Upload
hoangnhan
View
213
Download
0
Embed Size (px)
Citation preview
The Internet of Hackable Things
Dojo by BullGuard
• The market leading IoT security platform for CSPs
• Dojo delivers advanced IoT security and parental control service
• Dojo’s intelligent IoT security Platform (DIP) detects and mitigates a wide range of
IoT-related cyber threats
© Copyrights 2016. Dojo Labs by BullGuard®. All rights reserved. Proprietary and Confidential.
The State of IoT Security
© Copyrights 2016. Dojo Labs by BullGuard®. All rights reserved. Proprietary and Confidential.
Ring Video Doorbell
• Smart doorbell, allowing users to monitor and operate doors remotely
• Two way audio communication and one way video communication
• Users can open the door remotely via separate lock app
• WIFI connectivity
© Copyrights 2016. Dojo Labs by BullGuard®. All rights reserved. Proprietary and Confidential.
Hacking Ring Video Doorbell
Normal operation
Hacked
• ARP poisoning the router using arpspoof tool
• Collecting RTP traffic using rtpdump tool
• Duplicating the traffic arriving to the attacking computer using iptables
Ring Doorbell Hack – Step 1
© Copyrights 2016. Dojo Labs by BullGuard®. All rights reserved. Proprietary and Confidential.
Ring Doorbell Hack – Step 2
• ARP poisoning the router using arpspoof tool
• Blocking the traffic to the user app using iptables
• Streaming the stored video capture to the app using rtpsend
© Copyrights 2016. Dojo Labs by BullGuard®. All rights reserved. Proprietary and Confidential.
Ring Video Doorbell Hack Summary
• Most IoT devices are vulnerable to cyberattacks, and not only the poorly designed ones
• Vulnerability derived risks:
• Denial of Service
• Privacy breach
• Physical risk
• The IoT industry must act on securing the connected world
© Copyrights 2016. Dojo Labs by BullGuard®. All rights reserved. Proprietary and Confidential.
Thank You!