Security Researcher Kaspersky Lab Romania
Dan graduated from Imperial College London and holds a Master of Engineering in Software Engineering. He joined Kaspersky Lab in 2014 and currently holds the position of Security Researcher. His work focuses on developing threat intelligence systems, processing big data and creating new technologies to fight advanced persistent threats. When not meddling around with network cables or bricking routers he can be found playing board games and snowboarding the slopes across the world.
Back to the IoT Future: Where Marty controls all your routers
The talk is focused on the latest trends and attacks made against devices connected on networks serviced by large Romanian ISPs so the research might be relevant to some of the people in the audience.
“Those that fail to learn from history, are doomed to repeat it.” — Winston Churchill
By 2020, Gartner expects the number of IoT devices to explode to almost 21 billion connected devices. By it is not the future we should be looking for when trying to predict the (in)security of some of these devices. Lessons learned from the past show us that internet worms will most likely attempt to infect unprotected or poorly managed devices. Examples are plenty: from the famous Morris worm (1988) to the nowadays widespread Mirai backdoor (2016).
History repeats itself: all these IoT devices have in common insecure default configurations and/or running software with bugs. Instead of trying to infect users’ machines with malware, cybercriminals realized that sometimes it is easier to just hijack connections to high traffic websites such as Facebook for instance. This is done by changing the device’s DNS settings to point to a rogue server. Intercepting these high traffic websites, the rogue DNS servers will silently redirect the websites to attacker-controlled web servers. From there, the possibilities are endless.
This attack method is generally undetected by the average user, thus allowing the attackers to keep their campaigns under the radar for a longer time. During the last 2 years we have monitored the DNS hijacking attacks against IoT devices and researched how these devices remain in compromised state for long periods of time. The second part of our research was identifying the websites that were hijacked by the rogue DNS servers. By following the attacker’s footsteps we dive into the world of DNS hijacking, exposing the aftermath of Operation Ghost Click. Sadly, their attack vector increases daily, as more and more insecure IoT devices are being connected to the grid.
This presentation will cover:
* Building and running an IoT honeypot for researching attacks
* Collecting DNS changing attacks
* Analysing rogue DNS servers
* How criminals make money
* Connections with clickjacking attacks
* Increasing the security of future IoT devices
Are you the next cyber security superstar?
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
Sponsors & Partners
They help us make this conference possible.
Orange Romania is the leader of the local telecom market and part of the Orange Group, one of the largest global telecommunications operators, connecting hundreds of millions of customers worldwide. With over 11 million customers and an annual turnover exceeding 1.5 billion euros, Orange Romania connects 1 in 2 Romanians and offers an extensive range of communication solutions to its customers, both individual users and companies, from basic services up to complete voice services, fixed and mobile data, TV services or smart home services, but also mobile financial services. Orange is also a leader in innovation investing yearly over 200 million euros in network infrastructure and R&D initiatives in Romania. In the past 3 years Orange has launched two 5G Labs in Bucharest and Iasi, that aim to support researchers, startups and companies to test their 5G solutions in advance. In addition, Orange is a long-term supporter of the startup ecosystem through the Orange Fab accelerator program designed to support entrepreneurs in the development of innovative products and their distribution locally and internationally.
Orange Services was created in 2013 and is a 100% owned subsidiary of Orange Group. As a technology services company, our DNA is in IT, but our teams also work in other domains including mobile networks and a number of commercial and business functions. Orange Services is one of the largest technology hubs in the Orange Group, working internationally for both Orange corporate functions and country operations. Through a unique combination of cutting edge know-how and expertise, our teams provide a broad range of services: development and supervision of IT services in domains such as Big Data, Cloud, M2M, IoT, TV, Connected Objects; design and development of IT infrastructure and desktop solutions; testing & planning for mobile networks; implementation of supply chain solutions and also improvement of commercial & business performance including BI, CRM, Analytics, Digital learning and Customer Care. Visit us on LinkedIn.