Internet of Things and Embedded Software Security. www.telegrid.com


About Us

TELEGRID designs, develops and produces hardware tools that allow the Department of Defense to make use of Commercial-Off-The-Shelf (COTS) products and applications.
- TELEGRID is certified to ISO 9001:2008.
- TELEGRID is a WOSB founded in 1984.

Cybersecurity Attacks

- 2013 Target: Cost $162mm
- Home Depot: Cost $33m
- The annual global cost of cybercrime against consumers is $113bn - Symantec
- Anthem Health Insurance: Affected 80mm People
- Office of Personnel Management: Affected 22mm People

DoD is Doing Very Well

"The vast majority of companies are more exposed to cyberattacks than they have to be. To close the gaps in their security, CEOs can take a cue from the U.S. military. Once a vulnerable IT colossus, it is becoming an adroit operator of well-defended networks. Today the military can detect and remedy intrusions within hours, if not minutes. From September 2014 to June 2015 alone, it repelled more than 30 million known malicious attacks at the boundaries of its networks. Of the small number that did get through, fewer than 0.1% compromised systems in any way. Given the sophistication of the military's cyber adversaries, that record is a significant feat," Harvard Business Review, September 2015.

Internet of Things

- What is the Internet of Things (IoT)?
- IoT Market - Business Insider Intelligence
  - 6.7bn IoT devices shipped in 2019
  - Double the size of the smartphone, PC, tablet, connected car, and the wearable market combined

IoT Attack Vectors

Embedded Systems - Security Issues

- Supply Chain Management
- Multitude of operating systems
- Software is old
  - Linux Operating System 4 years old
  - Samba File System 6 years old
- Binary code cannot be patched
- Real time systems
  - Limits Intrusion Protection Systems
- Limited processing power and memory
  - Limits Application Layer Firewalls
- Connected to the Internet

Embedded Systems Attacks

- 2012 - 4.5mm DSL Routers hacked in Brazil for financial fraud by pointing to malicious DNS servers
- 2014 - Proofpoint published a report of 750k malicious emails sent from 100k consumer gadgets including routers, televisions and at least one refrigerator
- Industrial Control Systems - Stuxnet, Havex, BE2, etc.
- 2015 - Jeep Grand Cherokee

Easy Security Solutions

- Change your password
  - 2010 Study by 2 researchers at Columbia University found that of the discoverable embedded devices on the Network 540,000 had factory default root passwords, 13% of the total
- Request the list of open source software
  - "You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program", GNU GPLv3

Hard Security Solutions

- Network scanning software
- Patches
- Plan for your patches
- Have system administrator take part in testing
- Have a system recovery plan
- Redundancy
- What would you do if it wasn't a patch? What if it was a zero day attack?
- Embedded Firewall
  - Stateless vs Stateful - Based on system resources
- Proxy Devices

Harder Security Solutions

- FIPS 140-2 Encryption
- TLS, SSH, SNMPv3
- IPSEC
- PKI/PKE with two factor authentication
- RADIUS/LDAPS
- 802.1x
- Application - Kernel Separation
- Separation Kernel
- Physical Resource Separation
- Embedded Hypervisor
- Multiple OS Implementation

Hardest Security Solutions

- Intrusion Detection Systems
  - Breakpoints are set at specific address in the kernel text where function pointers in the control flow can be checked for redirects
    ("Lightweight Intrusion Detection for Resource-Constrained Embedded Control Systems", Jason Reeves, Ashwin Ramaswamy, Michael Locasto, Sergey Bratus, and Sean Smith)
  - Control-flow intercepts are distributed randomly throughout the body of the host program to execute the Symbiote code and check results
    ("Defending Embedded Systems with Software Symbiotes", Ang Cui and Salvatore J. Stolfo, Department of Computer Science, Columbia University)
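The idea of checking function pointers for redirects before control passes through them, shown as an added user-space sketch that is not code from the slides or from the cited papers. It compares a handler table against a known-good snapshot instead of using kernel breakpoints; the table, the handler names and simulate_redirect() are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical handler table standing in for kernel function pointers. */
typedef int (*handler_fn)(int);

static int handle_read(int x)   { return x + 1; }
static int handle_write(int x)  { return x + 2; }
static int unexpected_fn(int x) { return x - 1; } /* constructed redirect target */

#define N_HANDLERS 2
static handler_fn dispatch[N_HANDLERS] = { handle_read, handle_write };
/* Known-good copy. A real monitor must keep this where the monitored
 * code cannot write (read-only memory, separate partition). */
static handler_fn baseline[N_HANDLERS];

/* Record the pointer values at a trusted point, e.g. right after boot. */
void snapshot_baseline(void) { memcpy(baseline, dispatch, sizeof dispatch); }

/* Return the index of the first redirected slot, or -1 if none. */
int find_redirect(void) {
    for (int i = 0; i < N_HANDLERS; i++)
        if (dispatch[i] != baseline[i])
            return i;
    return -1;
}

/* Verify a slot before control is transferred through it.
 * Returns 0 and stores the result, or -1 if the call is refused. */
int checked_call(int slot, int arg, int *out) {
    if (slot < 0 || slot >= N_HANDLERS || dispatch[slot] != baseline[slot])
        return -1;
    *out = dispatch[slot](arg);
    return 0;
}

/* Test helper: overwrite one slot to model a redirected pointer. */
void simulate_redirect(int slot) { dispatch[slot] = unexpected_fn; }

int main(void) {
    int out = 0;
    snapshot_baseline();
    printf("clean table: find_redirect() = %d\n", find_redirect());
    simulate_redirect(1);
    printf("after overwrite: find_redirect() = %d\n", find_redirect());
    printf("checked_call(1) = %d\n", checked_call(1, 10, &out));
    return 0;
}
```

The cost is one pointer comparison per checked call plus one stored pointer per slot, which is what makes this style of check practical on devices with limited processing power and memory.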

Contact Details

Website:
POC: Eric Sharret
Email: eric.sharret@telegrid.com
Phone: 973-994-4440