Hacking the IoT: A Case Study

Presented at NolaCon 2017, May 19, 2017, noon (Unknown duration).

An IoT device is made up of 5 different components: the hardware, webapp, mobile apps, network communication and API.  Hacking an IoT device requires looking at each component individually, as well as looking at the whole picture.  In this talk, husband and wife team -- Nancy and Phoenix Snoke -- go through the process and findings of hacking an actual IoT device:  a baby monitor.  Both general methodology and specific examples will be presented.  This talk concludes with tips for setting up your own IoT device hacking lab.  Note: the detail level of the findings and whether the exact device model will be released is dependent on a response pending from manufacturer.


Presenters:

  • Phoenix Snoke
    Nancy and Phoenix Snoke have given joint talks at NOLACON, BSides and SkyDogCon. Phoenix would like to remain a mystery, and Nancy specializes on web and mobile application security. Her work experience includes senior software engineer responsible for web application security at PGAC, and a penetration tester for Cisco Systems. Nancy has previously spoken (solo) at Derbycon and NOLACON. She got her undergraduate degree in Computer Engineering in New Orleans at Tulane University, and her Masters in Computer Science at University of Illinois Urbana-Champaign.
  • Nancy Snoke
    Nancy and Phoenix Snoke have given joint talks at NOLACON, BSides and SkyDogCon. Phoenix would like to remain a mystery, and Nancy specializes on web and mobile application security. Her work experience includes senior software engineer responsible for web application security at PGAC, and a penetration tester for Cisco Systems. Nancy has previously spoken (solo) at Derbycon and NOLACON. She got her undergraduate degree in Computer Engineering in New Orleans at Tulane University, and her Masters in Computer Science at University of Illinois Urbana-Champaign.

Links:

Similar Presentations: