Understanding the IoT Threat Landscape and a Home Appliance Manufacturer's Approach to Counter Threats to IoT

Presented at Black Hat Europe 2019, Dec. 5, 2019, 10 a.m. (25 minutes)

As we live in a world where billions of IoT devices are connected to the Internet, there are streams of news articles that depict damages caused by malware and other threats that target such devices. While there are some things that users can do to prevent such damages, consumers expect manufacturers to consider security as part of the product design in the development lifecycle.

Panasonic, being a device manufacturer, is able to collect information on these threats by connecting our own devices in the development / pre-shipment phases to a honeypot that we have developed. Since its deployment, Panasonic has been able to find 179 million attack cases and 25 thousand malware samples, of which 4,800 were unique samples targeting IoT. 20% of the samples were new and hashes for them did not exist when querying VirusTotal. In addition, we discovered 0-day attacks against the SMB protocol, allowing attackers to access data on compromised home appliances.

We have developed a system where information being collected through the honeypot is sent to a Sandbox for automated analysis, to address our concern for having a limited number of security experts. What this system allows Panasonic to do is collect "malware targeting/exploiting Panasonic IoT devices" for quicker remediation, in addition to "popular malware" targeting a wide range of IoT devices.

In this session, we will discuss the details of this project and share some analysis of the malware that has been collected. By leveraging this information, Panasonic aims to develop products that are resilient to malware. In addition, we are looking for ways to use this threat and remediation information to develop an IoT SOC.


Presenters:

  • Yuki Osawa - Senior Engineer, CISSP, Panasonic Corporation
    Yuki Osawa is the leader of Panasonic product security activities in the APAC region. He started his career as a software engineer for telecom networks at NTT Comware Corporation. He worked for the Hyogo prefectural government from 2005 to 2017 as an administrator of information systems. He was a member of the CSIRT in the Hyogo government. He received a master's degree in Information Technology - Information Security from Carnegie Mellon CyLab Japan in 2009. Since joining Panasonic in 2017, he has focused on improving security for IoT, including product security training for developers, threat intelligence for IoT, and CTFs.
  • Hikohiro Y Lin - General Manager And Head of Panasonic PSIRT, Panasonic Corporation
    Mr. Hikohiro Y Lin was born in Kobe City, Japan. After finishing his master's degree at George Mason University in Virginia, USA, he joined Panasonic and started as an IoT security researcher in 2003. Since then he has spent 15 years mainly focused on the IoT security field. He is now the Head of Panasonic PSIRT, leading product security activities such as building a red team for testing IoT devices and creating guidelines and product-focused security incident responses at Panasonic. He has also received the (ISC)² ISLA (Information Security Leadership Achievement) APAC Senior Information Security Professional 2018 Showcased Honoree and Community Service Star.
