Download our presentation from RSA 2018 “Exfiltrating Data Through IoT”
IoT offers a plethora of new protocols and frequencies over which communication travels. Due to lack of familiarity amongst most enterprises, most organizations are ill-equipped to monitor or detect these mysterious channels for harmful activities. As a result, it’s quite easy to remain under the radar and exploit these to exfiltrate data out of an organization or infiltrate the network undetected. In this session we avoid rehashing previous research and media hype and rather focus on taking a more pragmatic approach of breaking these protocols to reveal their insecurities and devise methods to exploit them. Protocols and services such as SSDP, M2M communications, P25, Zigbee, WiFi, and more provide countless ways to secretly send information. We apply these to real testing to provide a live demonstration to the audience the seriousness of these threats, as well as new methods of detecting aberrant behavior emanating to/from these devices. This is then followed by a walk-though of our code. We’ll then wrap-up by outlining updated approaches one can incorporate into their organization’s defense in depth and detection strategies to positions themselves more proactively to protecting their organization from these IoT threats.