IoT Attack Countermeasures

00:00

Hey, everyone, welcome back to the course in this video. We're just gonna talk about some I o t attack countermeasures that we can do as part of this. We're gonna talk about the i o t o Assault 10 just a little bit. We'll talk through the list.

00:11

We're also gonna talk about guidelines for manufacturing companies. So some best practices. And then, of course, we'll talk about the actual countermeasures to different coyote attacks.

00:21

So let's just go over our OAS Top 10 list for I O. T. And this is the 2018 version of the list.

00:27

We've got a week decibel or hard coded password. So again, we talked about the default credentials on a lot of these I o t devices.

00:34

They're using either using weak credentials or they're using things that are maybe hard coded credentials or

00:41

just using the defaults right? They're not changing those defaults once they get the device

00:46

insecure network services. So we're not using encryption or we're using insecure protocols, insecure ecosystem interfaces. Ah, lack of a secure update mechanism. So we don't have a way to actually make sure that this update we're applying is from a legitimate source. We don't have that secure process in place

01:03

where we know it's from a reputable source and that it has not been tampered with.

01:07

Using insecure, outdated components is another one

01:11

insufficient privacy protection,

01:14

insecure data transfer and storage

01:15

things like the lack of device management. So, yeah, we got the device, but we really can't make it more secure. We can't harden the the device

01:25

insecure default settings. So not just credentials, but also other settings protocols that that shouldn't be used or ports that are open that shouldn't be

01:34

and a lack of physical hardening on the device. So we make it very easy for someone that gets physical access to the device to compromise the device.

01:42

So what are some guidelines out there for I O. T. Manufacturing companies were some kind of best practices for them.

01:49

Well, using encrypted communication. So using TLS to encrypt that communication, you also want to make sure that you're checking the security certificates and also checking the revocation list. Make sure that the certificate has not been revoked. Using strong in complex passwords. Salting the passwords

02:07

using multi factor authentication

02:08

is

02:09

wherever possible. Make sure make sure there's that train of chain of trust for updates, right? So as we want to update the firmware, making sure that we know it's coming from a legitimate source. It's coming from the manufacturer, um, and that it's actually has not been tampered with, right? Very important.

02:28

Implementing account locked lockout. So basically, as someone's trying to brute force the device, we lock out the device after a certain number of wrong log in attempts

02:37

hardening the devices right? So closing off those ports or protocols that we should not be using or that are not necessary for the device actually function properly

02:46

and using the secure boot change. So basically making sure that you're verifying all the software that's executed on the device itself.

02:54

So what are some countermeasures that weaken due to different I o. T. Attacks? Well, we can number one disabled things like the guest account or demo user accounts. If they're enabled,

03:04

we can use the lockout features I mentioned before. If there's too many invalid log in attempts, it'll just lock out the device and maybe require them to take a step, like contacting the help desk or something,

03:14

using stronger authentication mechanisms

03:16

locating control system networks and devices that air behind firewalls, isolating

03:23

the i o. T. Devices from the business network,

03:27

implementing things like ideas. And I i p s systems

03:30

implementing

03:32

things like VPNs. Right? So, using a VPN architecture for the secure communication deploying security, security has basically in the unified integrated system. So you have visibility across everything and then disabling unnecessary ports, right? So if you don't need tell net, for example, then disable it.

03:49

All right, Just a quick quiz question here. All the following are included in the i o T O s Top 10 list, except which one of these back and data sharing insecure network services or the lack of physical hardening.

04:00

All right, so if you guessed back and data sharing you are correct.

04:04

So in this video, we just talked through the i o t o s top 10 at a very high high level.