Threats and Attacks on IoT Systems PDF
Document Details
Uploaded by BraveTrigonometry
Guimaras State University
Maria Lea Gatungay,Julius Sabilala,Gwyn Erica Cordero
Tags
Summary
This presentation discusses threats and attacks on IoT systems. It covers DDoS attacks, botnets, ransomware, and malware targeting IoT devices, offering insights into their workings. Strategies for mitigating these threats and attacks through device security, network segmentation, and other measures are also explained. The presentation includes examples of high-profile attacks and case studies.
Full Transcript
Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] UNIT 4: Threats and Attacks on Iot Systems Prepared by: Maria Lea Gatungay...
Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] UNIT 4: Threats and Attacks on Iot Systems Prepared by: Maria Lea Gatungay Julius Sabilala Gwyn Erica Cordero Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Threats and Attacks on Iot Systems What is IoT? The Internet of Things (IoT) refers to a network of physical objects—"things"—embedded with sensors, software, and other technologies to connect and exchange data with other devices and systems over the internet. Examples: Wearables such as Fitness Tracker, Smartwatches, Smart Light Bulbs, Precision Farming, etc. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Threats and Attacks on Iot Systems IoT has revolutionized various sectors by interconnecting devices and enabling seamless data exchange. However, this increased connectivity also introduces significant security challenges. Threats and attacks on IoT systems are a growing concern as these systems often have vulnerabilities due to their vast and varied nature. Common threats include unauthorized access, data breaches, malware, and denial-of-service (DoS) attacks. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] DDOS Attacks on IoT Devices Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] DDOS Attacks on IoT Devices Distributed Denial of Service (DDoS) attacks on IoT devices are a significant security concern due to the increasing number and variety of these devices connected to the internet. In a DDoS attack, multiple compromised devices are used to flood a target system with excessive traffic, overwhelming its capacity to function properly. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] DDOS Attacks on Iot Devices How DDoS Attacks on IoT Devices Work? 1. Compromising IoT Devices 2. Building a Botnet 3. Launching the Attack 4. Overloading the Target Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] DDOS Attacks on Iot Devices Mitigating DDoS Attacks on IoT Devices 1. Improving Device Security 2. Network Segmentation 3. DDoS Protection Services 4. Monitoring and Detection 5. User Education Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Botnets in IoT Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Botnets in IoT Botnets in the context of Internet of Things (IoT) refer to networks of interconnected devices that have been compromised and are controlled remotely by attackers. These are typically used for malicious activities such as Distributed Denial of Service (DDoS) attacks, spamming, data theft, and other cybercrimes. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Botnets in IoT How does Botnets on IoT Devices Work? 1. Exploitation of Vulnerabilities 2. Device Compromise 3. Botnet Formation 4. Malicious Activities Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Botnets in IoT Mitigating Botnets on IoT Devices 1. Enhancing Security Practices 2. Network Segmentation 3. User Awareness 4. Real-Time Monitoring and anomaly detection system Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Ransomware and malware targeting Internet of Things (IoT) devices are significant and growing threats in the cybersecurity landscape. As IoT devices become more integrated into daily life and critical infrastructure, they present attractive targets for cybercriminals. These attacks can disrupt operations, steal data, and cause significant financial damage. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Ransomware Targeting IoT Devices Ransomware is a type of malware that encrypts a victim's data and demands payment, usually in cryptocurrency, to restore access. When ransomware targets IoT devices, it can disrupt not only the device itself but also the broader systems it is part of. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Examples and Impact: 1. Industrial IoT Devices: In an industrial setting, ransomware can halt production lines, leading to significant downtime and financial losses. For example, an attack on a smart factory could encrypt the systems controlling the machinery, forcing a halt in production until the ransom is paid. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Examples and Impact: 2. Smart Home Devices: If ransomware infects smart home devices, it can lock users out of essential services, such as heating, security systems, and lighting. This can cause inconvenience and potential safety risks. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Examples and Impact: 3. Healthcare: In healthcare, ransomware can target medical devices such as smart infusion pumps, pacemakers, or patient monitoring systems. This can compromise patient safety and force hospitals to pay ransoms to restore critical services. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT Malware Targeting IoT Devices Malware in IoT contexts often aims to exploit devices for various malicious purposes, such as creating botnets, stealing data, or facilitating further attacks. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Ransomware and Malware Targeting IoT How to Mitigate Malware in IoT Devices? 1. Strong Authentication and Password Management 2. Backup and Recovery Plans 3. Intrusion Detection Systems (IDS) and Anomaly Detection 4. Regular Firmware Updates Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Case Studies of High Profile IoT Attacks Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Case Studies of High Profile IoT Attacks 1. Mirai Botnet Attack (2016) The Mirai botnet attack is one of the most infamous IoT-related cyberattacks. It compromised thousands of IoT devices, such as IP cameras and home routers, by exploiting default login credentials. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Case Studies of High Profile IoT Attacks 2. Stuxnet (2010) Stuxnet is a sophisticated worm that targeted Iran's nuclear facilities. It is considered one of the first known cyber weapons designed to cause physical damage. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Case Studies of High Profile IoT Attacks 3. Hack of Jeep Cherokee (2015) Security researchers Charlie Miller and Chris Valasek demonstrated the vulnerability of connected vehicles by remotely hacking a Jeep Cherokee. They remotely controlled the vehicle's steering, brakes, and transmission, showcasing the potential dangers of insecure IoT systems in vehicles. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Case Studies of High Profile IoT Attacks 4. TRITON/TRISIS Malware (2017) The TRITON malware targeted industrial control systems (ICS) and was designed to manipulate the Triconex Safety Instrumented System (SIS) controllers used in critical infrastructure. The malware attempted to reprogram the SIS controllers, potentially causing unsafe conditions in the affected facility. Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Botnet Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word DDOS Attack Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Internet of Things Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Ransomware Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Threat Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Guess the Word Guimaras State University COLLEGE OF SCIENCE AND TECHNOLOGY Alaguisoc, Jordan, Guimaras [email protected] Case Studies of High Profile IoT Attacks (✿◠‿◠)
