Hacking The Invasion of Things (or as my wife calls it, what did you spend our money on this time)

Presented at CarolinaCon 13 (2017), May 20, 2017, 7 p.m. (60 minutes).

The "Internet of Things" (IoT) is taking over our lives, so we should be constantly questioning the security and integrity of these technologies. As an IoT researcher, this is precisely what I do. During this presentation, I will be sharing details of my day-to-day research, covering the various processes and methodologies around researching (attacking) various IoT technologies that we all use every day. I will be discussing the various structures of an IoT ecosystem and showing how each segment of that ecosystem can be compromised to impact the overall security of a product. Using a live demonstration, I will show several of the security issues discovered during my research over the past 12 months and how we worked with the manufacturers to get these issues mitigated.


Presenters:

  • Deral Heiland / percent_x as Deral Heiland
    Deral Heiland CISSP (@Percent_x), serves as a Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 8+ years Deral's career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also conducted security research on a numerous technical subject, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including CarolinaCon, Blackhat, Defcon, Shmoocon, DerbyCon, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including BBC, MIT Technical Review, MSNBC, SC Magazine, Threat Post and The Register.

Links:

Similar Presentations: