Presented at
BSidesSF 2015,
April 20, 2015, 4 p.m.
(60 minutes).
In the past, network device awareness (SANS Critical Security Control #1) was achieved through asset monitoring, vuln scanning, Network Access Control (NAC), device authentication, and network/wireless intrusion detection.
Unfortunately, the Internet of Everything has spawned a little-understood and ever-expanding threat vector - the massive proliferation of broad-spectrum wireless, mobile/micro, transient computing devices:
Corporate-sponsored BYOD
Mobile phones/tablets, Wireless APs, MiFis, microcells
4G/LTE, Bluetooth, & RFID/NFC-enabled consumer devices
Micro, ultra-portable, & wearable computing devices
Wireless thermostats, burglar alarms, IP cameras, UAVs/drones, heating/cooling systems, power distribution, & industrial automation
A rapidly-expanding market of low-cost, plug-and-play cyber espionage devices, the "Internet of Evil Things".
This attack surface has expanded beyond the visibility of today's monitoring and intrusion detection systems. Yesterday's defenses are no longer adequate. Come learn all the ways criminals are getting access while bypassing all alarms and monitored networks. New attacks and possible defenses will be shown live.
Presenters:
-
Rick Farina / Zero_Chaos
as Rick Farina (Zero_Chaos)
Rick Farina (Zero_Chaos) is a well known wireless hacker and member of the DEF CON Wireless Village team and the Wireless Capture the Flag team. He has been researching all manner of layer one and two hacking for the past fifteen years, most recently as Director of Engineering for Pwnie Labs at Pwnie Express.
Links:
Similar Presentations: