Sabin POTÎRCĂ
Technical Project Manager, Experimental Research Unit Bitdefender
SPEAKER INTERVIEW AVAILABLEBIOGRAPHY
Sabin POTÎRCĂ works as Technical Project Manager in the Experimental Research Unit at Bitdefender.
Remote Attacks against IoT
Most hacks against smart devices require either proximity or some other form of direct access (port forwarding/UPnP). That being said, what if devices could be hacked up to full remote code execution and root access without direct access and from the other side of the world? And what if the number of devices susceptible to this attack could be large enough to be the next big IoT botnet?
It’s already a well known fact that IoT is currently a gift that keeps on giving when it comes to producing security papers. You can blindly walk into a store, buy a device at random and in 2 weeks you’ll be exchanging emails with the manufacturer to plug their holes. Most hacks against smart devices require either proximity or some other form of direct access (port forwarding/UPnP).
That being said, what if devices could be hacked up to full remote code execution and root access without direct access and from the other side of the world ? And what if the number of devices susceptible to this attack could be large enough to be the next big IoT botnet ?
In this talk we’ll describe the methods and tools used in IoT vulnerability research and our findings on a very popular smart plug: breaking their so-called encryption to capture sensitive data, remote control of the plug and full remote code execution by exploiting the mobile app <-> cloud <-> smart plug synchronisation protocols. All this while the plug is “safely” in a home, behind NAT.
The talk will include
– An updated overview on the tragi-comic state of IoT
– Some stats from our honeypots
– Quick intro to the device and company in question
– Tools and methodology used during the research
– Demo on how trivial is to break their “encryption”
– Demo on full RCE from across the world
– Fun stuff from the present, after the manufacturer produced “a fix”
Are you the next cyber security superstar?
If you are passionate about an information security topic or you have strong technical skills developing researches on your own, you should definitely Apply at Call for Papers. By submitting you will have the chance to showcase your work to +2000 attendees.
Other speakers joining this year
Mihai Vasilescu
Senior Security Research Engineer Ixia, a Keysight business
Alexandru Stoian
Cyber security specialist CERT-RO
Arun Mane
Senior Security Researcher Payatu Software Labs
Ready for this year's presentations?
By registering you will unlock access to 60+ speakers and two full days with cyber security news & showcases from worldwide leaders.
COMPETITIONS
Sponsors & Partners
They help us make this conference possible.
POWERED BY
Orange Business is a key division of Orange Romania, specializing in providing cutting-edge communication, technology, and digital transformation solutions tailored to businesses of all sizes. With a strong emphasis on innovation, Orange Business offers a wide array of services, including high-speed connectivity, cloud computing, cybersecurity, Internet of Things (IoT), and managed services. Their mission is to support organizations in their digital transformation journey by enhancing operational efficiency, improving customer experience, and maintaining a competitive edge in a rapidly changing digital environment.
Orange Business combines deep technological expertise with a customer-centric approach, ensuring that each solution is customized to meet the specific needs of their clients. Their commitment to innovation and excellence makes them a trusted partner for businesses seeking to thrive in the digital age.
PLATINUM PARTNERS
GOLD PARTNERS
SILVER PARTNER
BRONZE PARTNERS
HACKING VILLAGE PARTNERS
EXHIBITORS
VIP LOUNGE POWERED BY
ORGANIZER
INTERNATIONAL COMMUNITY PARTNERS
MEDIA PARTNERS
