Dan Demeter

Security Researcher Kaspersky Lab Romania

BIOGRAPHY

Dan graduated from Imperial College London and holds a Master of Engineering in Software Engineering. He joined Kaspersky Lab in 2014 and currently holds the position of Security Researcher. His work focuses on developing threat intelligence systems, processing big data and creating new technologies to fight advanced persistent threats. When not meddling around with network cables or bricking routers he can be found playing board games and snowboarding the slopes across the world.

Back to the IoT Future: Where Marty controls all your routers

The talk is focused on the latest trends and attacks made against devices connected on networks serviced by large Romanian ISPs so the research might be relevant to some of the people in the audience.
“Those that fail to learn from history, are doomed to repeat it.” — Winston Churchill
By 2020, Gartner expects the number of IoT devices to explode to almost 21 billion connected devices. By it is not the future we should be looking for when trying to predict the (in)security of some of these devices. Lessons learned from the past show us that internet worms will most likely attempt to infect unprotected or poorly managed devices. Examples are plenty: from the famous Morris worm (1988) to the nowadays widespread Mirai backdoor (2016).
History repeats itself: all these IoT devices have in common insecure default configurations and/or running software with bugs. Instead of trying to infect users’ machines with malware, cybercriminals realized that sometimes it is easier to just hijack connections to high traffic websites such as Facebook for instance. This is done by changing the device’s DNS settings to point to a rogue server. Intercepting these high traffic websites, the rogue DNS servers will silently redirect the websites to attacker-controlled web servers. From there, the possibilities are endless.
This attack method is generally undetected by the average user, thus allowing the attackers to keep their campaigns under the radar for a longer time. During the last 2 years we have monitored the DNS hijacking attacks against IoT devices and researched how these devices remain in compromised state for long periods of time. The second part of our research was identifying the websites that were hijacked by the rogue DNS servers. By following the attacker’s footsteps we dive into the world of DNS hijacking, exposing the aftermath of Operation Ghost Click. Sadly, their attack vector increases daily, as more and more insecure IoT devices are being connected to the grid.
This presentation will cover:
* Building and running an IoT honeypot for researching attacks
* Collecting DNS changing attacks
* Analysing rogue DNS servers
* How criminals make money
* Connections with clickjacking attacks
* Increasing the security of future IoT devices

Are you the next cyber security superstar?

If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.

Other speakers joining this year

Irina Nicolae

Research Scientist IBM Research

SPEAKER INTERVIEW AVAILABLE

Neculai Balaban

Member of the national team the represented Romania in ECSC 2017

Uzoma OGBONNA

Cloud Security Engineer Adobe

Ready for this year's presentations?

By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.

0
SPEAKERS
0
COUNTRIES
0
ATTENDEES
0
HACKING
COMPETITIONS
0
COMPANIES

Sponsors & Partners

They help us make this conference possible.

POWERED BY

As an infrastructure operator, technology integrator and IT&C services provider, Orange Business Services supports businesses and public entities in their digital transformation. Collect, transport, protect, store and process and analyze: they orchestrate every phase of the data journey, for your business to create even more value.

WWW.ORANGE.RO

PLATINUM PARTNERS

Ixia provides testing, visibility, security solutions, network testing tools and virtual network security solutions to strengthen applications across physical and virtual networks.

WWW.IXIACOM.COM

Secureworks provides threat intelligence-driven security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.

WWW.SECUREWORKS.COM

GOLD PARTNERS
SILVER PARTNERS
GAMING PARTNERS
VIP & SPEAKER LOUNGE PARTNER
BRONZE PARTNERS
COMMUNITY & MEDIA PARTNERS