Time
5 hours 49 minutes
Difficulty
Intermediate
CEU/CPE
6

Video Transcription

00:00
Hello, everybody, and welcome to the IoT Security episode number 16: IoT Vulnerabilities. My name is Alejandro Guinea, and I'll be your instructor for today's session.
00:13
The learning objectives of this session: to understand and be able to identify the main and basic IoT vulnerabilities.
00:23
Well, uh, well, vulnerability itself is the term we use to identify weaknesses, you know, either in the design, integration, operation, system, device, software development life cycle. You know,
00:38
at the end it's a weakness in the system. Vulnerabilities are there, you know, they're common. New ones are discovered every day.
00:48
Many online databases, like Exploit-DB, for example, provide us with constant updates on newly discovered vulnerabilities. Also, vulnerability scanners are starting to use not only signature-based
01:07
vulnerability content, but also,
01:10
uh, they're starting to use threat intelligence and machine learning to be able to identify vulnerabilities that are not in the wild, as we say.
01:19
Ah, well, vulnerabilities might be, you know, deficits in the device physical protection, some poor configuration, protocol security. And you know, the most exploitable vulnerabilities are the ones that are put there because there is a misconfiguration.
01:38
Uh, the user didn't change the default password.
01:42
The user didn't actually use password access control at all. The user didn't encrypt information. When I say user, I don't necessarily mean the final user, right? I also mean the user that developed, created the code, or, developing the code, created the device.
02:00
You know, anyone that is in contact with the device at the end. Um, you know,
02:07
attackers are well aware that vulnerabilities are there and they're easy to exploit most of the time.
02:13
They will, you know, these hackers will typically seek, you know, those vulnerabilities that are the easiest and least costly and fastest to exploit.
02:23
Uh, you know, malicious hackers, you know,
02:28
they thrive in a profit market because they want to make money. Some even have pages on the dark web dedicated to showing you how to exploit, or giving you exploits for a particular software that you want. Of course, sometimes they will charge you.
02:47
Ah, you know,
02:50
They also are well aware of the return on investment and cost-benefit analysis, because at the end they want to get the most with the least effort, and when I say the least effort I mean the least money, and
03:05
the least time, or the least resources. To ensure the appropriate level of security on the IoT infrastructure, you know, businesses and developers must perform a risk analysis and implement, you know, the appropriate set of safeguards according to that risk.
03:23
We'll get into the detail of the risk later
03:25
in the course, but the level of the implemented countermeasures would be, you know,
03:34
in
03:36
it has to make sense according to the return on investment. You don't want to spend, I don't know, uh, 10 bucks if what you're going to be earning is 5 bucks. That's the logic for the hacker, and you should also use the same logic. If
03:53
you're at risk of losing 10 bucks at the end, or 50 bucks,
03:57
you don't want to invest 100 bucks in the solution, because at the end
04:02
you have to take into consideration the return on investment and the cost-benefit analysis.
04:09
Well, ah, there are three
04:12
types, three basic types of attacks. There's the attack that goes for the software layer. This is the cheapest attack, meaning it doesn't cost much money,
04:25
because it usually involves remote network attacks. As we, you know, well, we're well aware of from pentesting, you know, you just have to be connected to the Internet and have the knowledge, and that's basically it. If you have physical access, good.
04:44
But if you don't have it, you can still manage to
04:46
hack the device.
04:48
So this is the cheapest, you know, attack, and hackers most of the time go for this layer.
04:56
Then we have the board or device layer attacks. They typically combine elements of software and non-invasive hardware attacks,
05:06
you know, connecting to a debug port, or maybe, uh,
05:11
the device has an open port without any physical protection attached to it. So the hackers use this to insert maybe a USB or something malicious to capture keystrokes, or maybe a packet sniffer. But that's, you know,
05:30
some non-invasive hardware attacks,
05:33
and then we have the chip layer, and this is the most basic attack and, you know, the most costly attack, because at the end the hacker will have to have direct access to the IoT device or infrastructure itself,
05:48
uh, you know, it requires highly specialized equipment that can cost several million dollars sometimes. Uh, you know, this could include, uh,
06:00
beam
06:01
laser attacks, or RFID attacks, or anything that is physical. So it's the most costly of all of the attacks. And what controls are the hackers trying to gain? Well, there are basically four controls, which are network, application, device, chip. You know, if
06:20
an attacker gains
06:24
access to any of these, it will, you know, either achieve the goal, which will be, you know, root access or administrative permissions to the system, or it can use it to pivot to another, more juicy, if you allow me the word, um, target, because at the end, you know, maybe
06:42
the hacker is not necessarily targeting
06:45
the IoT device per se, but it's targeting the IoT server or infrastructure overall.
06:51
So
06:53
And to show you guys how malicious and how easy this could be, uh, I'm gonna show you a video of how I can actually see cameras around the world, cameras that I wasn't supposed to see, because at the end they're security cameras or home cameras
07:13
at the end.
07:14
What we're about to see
07:16
is really frightening, because at the end you can actually see cameras that are misconfigured
07:24
in the world. And you can also, you know, use this to target any specific camera. But, you know, that's an example. I just want you to see how dangerous using IoT without the proper countermeasures can be.
07:38
So let me hit play on the video that I have prepared, and I hope you enjoy this little stunt.
07:46
It's basically just to start the Metasploit framework
08:03
and you have to search for the Shodan module. Shodan is basically a web crawler that will search for several things. In this case, we're looking for cameras.
08:18
You can search for anything, and when I say thing, I mean in the context of IoT, right?
08:28
So you can search for anything, from cameras, which is what the guys here mostly search for, to medical devices
08:37
connected to the Internet. They'll give you a threat intel feed, which is a lot of information, if you're using it, something like that. But in this case, we're focusing on the camera capabilities, uh, this web crawler has.
08:56
So
08:58
Shodan.
09:00
Uh
09:01
and,
09:13
Uh, a couple of things like this: the Shodan key. To get one of these keys, you have to create an account on the web.
09:26
Uh, you see, I've got mine here.
09:46
The query, in this case, will be the cameras, but again, you can search for, you know,
09:56
what we mentioned: it's used to search medical devices.
10:03
Uh, you know, well, I'm not doing that for this lecture. I just want to show you the things that, you know, you can do with Shodan, and let's
10:16
query too.
10:20
Uh, where
10:22
can I see?
10:24
And you can also use the region
10:31
filter to search for a specific IP, city, country. Oh, okay.
10:39
So we'll be diving into anything connected to the Internet right now. So this is how we're going to search,
10:48
and just
10:52
and it returns several IPs, huh?
10:58
You know, that,
10:58
um,
11:01
the cameras are exposed to the Internet without any security whatsoever. So we'll go to one.
11:11
Please, just, you know, I know you've got to use this for the right reasons. We're ethical hackers, so don't use this to hurt anybody. Okay? I can't take responsibility for what you use this for,
11:26
you know, for how you use this tool. This is just for research purposes and to help people improve their
11:37
security.
11:39
That said, you can just copy-paste the IP right here,
11:45
go, and it can show you the camera live, and you can use this tool also
11:54
for any camera that was located in any country, several countries, several IPs. So this is how you search.
12:05
This is, um, a vulnerability exploited. Again, let me, this can come from several sources, but in this case it's exploited due to vulnerabilities where, uh, there are no credentials at all, I mean no access control at all, or, uh, weak credentials,
12:24
where the default came with the device
12:28
and the user didn't change that. And, you know, to show this you can go to,
12:35
you can see here,
12:39
uh, and you can have all the IPs that the query returned which were alive. I mean, is this something that displays this?
12:50
You can just get, you know, their graphic user interface, a web page dedicated to this. You can go to the Internet and search for
13:05
the IPs, and you will see a couple of places, all these home cameras or security cameras. So, well, you know, you're inside the cameras.
13:24
Well, as you can see, this was really malicious and really easy to do, which, you know, has a great concern attached to this concept,
13:35
and, for example, uh, everyone out there is jailbreaking their iPhones and, you know, also rooting their Android phones.
13:45
But the problem is that when you're jailbreaking your iPhone, you're basically exploiting a vulnerability in the OS. And, you know, this is what I'm showing you: this is the latest version of, for example, watchOS, and
14:03
you know, you can easily jailbreak your watch as of today.
14:07
So this is another thing to be concerned about: if there is already, you know, a publicly known vulnerability out there, there are thousands of other vulnerabilities we're not realizing are there, so just
14:22
keep an eye on it.
14:26
Ah, why is return on investment and cost-benefit analysis important when we talk about vulnerabilities? Well, because hackers are looking to spend the least amount of money to gain access to your IoT devices.
14:41
What is Shodan? Well, Shodan, as we said, is a web crawler, if you can call it that, that will search for vulnerable-by-default IoT devices.
14:50
In this case, in the video, we just looked for cameras, but you can also look for medical devices, for example.
14:58
Why do hackers like to exploit software vulnerabilities instead of chip vulnerabilities?
15:03
Well, as we said in the first question, they're looking to exploit the least expensive vulnerabilities, which are software vulnerabilities.
15:15
In today's brief lecture we talked about IoT vulnerabilities. We also saw a few hands-on examples of IoT vulnerabilities.
15:26
You can go to the Shodan web page; they will show you all the capabilities you can get from them. You can also use the paid version of this, uh, software, and it will give you a boost in your search capabilities for IoT vulnerabilities.
15:45
Looking forward: in the next video, we'll cover the main and basic IoT attacks. Well, that's it for today, folks. I hope you enjoyed the video, and talk to you soon.

IoT Security

This IoT Security training is designed to help IT professionals strengthen their knowledge about the Internet of Things (IoT) and the security platforms related to it. You’ll also be able to identify the security, privacy and safety concerns related to the implementation of an IoT infrastructure.

Instructed By

Alejandro Guinea
CERT Regional Director
Instructor