ADVANCED ATTACKS AGAINST MOBILE/IOT DEVICES

Transcription:

CONTEXT-AWARE SECURITY THROUGH RAIN RFID

ADVANCED ATTACKS AGAINST MOBILE/IOT DEVICES

HARDWARE
+ Cold-Boot Attacks
+ Chip-Extraction
+ Side-Channel Attacks
+ BIOS/UEFI Exploits

SOFTWARE
+ App Vulnerability Scanning
+ Reverse Engineering
+ Privilege Escalation Attacks
+ Advanced Persistent Threats

WIRELESS/NETWORKS
+ Man-in-the-Middle Attacks
+ Over-the-Air Fuzzing
+ Signature Tracking & Analytics
+ Protocol Analysis

CHALLENGES FACING CURRENT MOBILE SECURITY APPROACHES

+ MOST MOBILE PLATFORMS ARE DEVELOPED FOR COMMERCIAL USE AND INCREASINGLY PROPRIETARY
  - Companies like Apple and Samsung are developing increasingly isolated hardware and software that requires organizations to stay within their ecosystem, so a single vulnerability can become a system-wide weakness.
+ MANY HIGHLY SECURE PLATFORMS FALL BEHIND AND ARE DIFFICULT TO UPGRADE
  - While some custom solutions offer high levels of security, they are difficult to update to new hardware and operating systems. Customized OS builds are difficult to maintain and require rebuilds when major changes are released.
+ MOST ORGANIZATIONS THINK TABLET = SMARTPHONE, INSTEAD OF TABLET = PC FOR SECURITY
  - Many organizations still lower their security posture for tablets because they misunderstand the hardware's capabilities. Tablets can now be high-performance machines with the same (or better) hardware than laptops.
+ MOST ORGANIZATIONS' SECURITY PROFESSIONALS THINK DEFENSIVELY, NOT OFFENSIVELY
  - Many mobile security professionals focus on network and app-level security threats, often failing to understand that the most advanced offensive attackers focus on hardware, firmware, and OS-level vulnerabilities to defeat higher-level defenses.

DUE TO VULNERABILITIES, STRICT IT POLICIES ARE NEEDED

EXAMPLE POLICIES FOR MOBILE/IOT SECURITY
+ Devices must be powered off when outside of organizationally controlled buildings
+ Devices can only connect to approved wireless networks
+ Device must have network and data-at-rest encryption
+ Data must be capable of being wiped remotely
+ Bluetooth, NFC, and other wireless communication capabilities must be disabled
+ Cameras, microphones, and other hardware must be disabled

THE ROLE OF CONTEXT IN ORGANIZATIONAL POLICIES

+ Contextual elements such as location play a critical role in organizational security policies for IT assets
+ Two major constraints exist with enforcing policies on IT assets:
  - Most rules/responses require manual user action
  - Contextual triggers are only available when the device is powered-on, post-boot, and user is authenticated

[Diagram: ORGANIZATIONAL POLICIES: PERSON/ACTOR/ASSET, CONTEXTUAL TRIGGER, RULE/RESPONSE]

CONTEXT-AWARE SECURITY TRIGGERS

[Diagram: RFID, WI-FI, GPS, BLUETOOTH]

CONTEXTUAL TRIGGERS
+ LOCATION/PROXIMITY
+ DEVICE POWER STATE
+ PERIPHERAL CONNECTIONS
+ NETWORK ACCESS/AUTHENTICATION
+ USER PROXIMITY
+ USER CREDENTIALS

CORRELATED SECURITY RESPONSE BASED ON POLICY RULES

DISTRICT: DEFEND SOLVES TRADITIONAL MOBILE WEAKNESSES

[Diagram: Location-Specific Policy, Impinj RFID Tag, App/Files, Operating System, Virtual Machine, Hypervisor, Intel vPro]

+ MOBILE DEVICE POLICY CONTROL
  - Control access to VMs, HW features, networks, OS, applications, and data based on client's location policies
+ MOBILE DEVICE PROTECTION
  - Enforce disk encryption, disable power controls, alert IT when devices leave authorized areas, and wipe data

DISTRICT: DEFEND LOCATION-BASED SECURITY (EXAMPLE)

[Floor plan shown on each of the four example slides]
+ District 0: Lobby & Exterior
+ District 1: Hallway & Open Conference Rooms
+ District 2: Typical User Work Spaces
+ District 3: Sensitive Information Access Point

Device states shown on the four slides, in order:
+ Device Powered On; WiFi/NIC Disabled; Launch VM (Thick); Access to Basic Apps
+ WiFi/NIC Enabled; Connect to Network; Enable Full App Suite; Access to Personal Files
+ WiFi Disabled/NIC Enabled; Enable Full App Suite; Launch VM (Thin); Access Secure Files
+ Device Powered Off; Full Encryption; Disable Power On

SECURE LOCATION DATA VIA RAIN RFID

+ Location-based security provides the ability to automatically enforce organizational policies based on a mobile device's physical location
+ Why Passive RFID?
  - Does not actively transmit
  - Does not penetrate well through walls
  - Out-of-band and does not commingle with sensitive data
  - Allows for policy updates and tracking even when device is powered off

OVERCOMING MISCONCEPTIONS
+ RFID is unsecure for transferring sensitive data
  - No sensitive data is being transmitted over RFID
  - All data is management data and has signature/encryption
+ RFID is susceptible to cloning or denial of service
  - Passive RFID does not function well through walls
  - Random number and nonce prevents replay
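
The "signature" and "random number and nonce" points above, sketched as an added example; it is not code from the presentation or from the product. The shared HMAC-SHA256 key, the one-byte district field, the challenge-response flow and every name here are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def sign_update(key: bytes, district: int, nonce: bytes) -> bytes:
    """Infrastructure side (assumed): MAC over district id and device nonce."""
    msg = district.to_bytes(1, "big") + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()


class LocationVerifier:
    """Device side (hypothetical): accept an update only if authentic and fresh."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = set()  # challenges issued and not yet answered

    def new_challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def accept(self, district: int, nonce: bytes, mac: bytes) -> bool:
        if not 0 <= district <= 255:
            return False  # outside the assumed one-byte field
        expected = sign_update(self._key, district, nonce)
        if not hmac.compare_digest(expected, mac):
            return False  # forged or altered management data
        if nonce not in self._pending:
            return False  # replayed or unsolicited update
        self._pending.discard(nonce)  # each challenge is single-use
        return True


def demo():
    key = b"constructed-demo-key"  # constructed sample key
    device = LocationVerifier(key)
    n1 = device.new_challenge()
    mac1 = sign_update(key, 2, n1)
    first = device.accept(2, n1, mac1)     # genuine, fresh update
    replayed = device.accept(2, n1, mac1)  # same bytes captured and resent
    n2 = device.new_challenge()
    mac2 = sign_update(key, 0, n2)
    altered = device.accept(3, n2, mac2)   # district field changed in transit
    return first, replayed, altered
```

Only the first update is accepted: the replayed copy fails the freshness check and the altered one fails the MAC check.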

SIGNIFICANCE TO RAIN COMMUNITY

AN ORGANIZATION'S MOST VALUABLE ASSET IS INFORMATION

DRIVE ORGANIZATIONAL ADOPTION
+ Many organizations will not spend money on RFID infrastructure for dumb assets
+ Connected devices have access to sensitive information and networks -> higher security budget

ESTABLISH NEW MARKETS
+ Global adoption of mobile devices has exceeded that of traditional desktops
+ Indoor, office environments (low ceilings) are untapped, yet in need of reliable asset management solutions

EXPAND VENDOR ADOPTION
+ Booz Allen has worked to integrate RAIN RFID tags into two of the world's largest mobile hardware vendors
+ Promote informed devices that utilize data from RFID tags

NEAR AND LONG-TERM FOCUS

NEAR-TERM PRIORITIES
+ Expand customer base beyond government into healthcare, oil & gas, and finance
+ Support partners in deploying RAIN RFID-embedded secure server technology (e.g., Intel AIR)
+ Deploy District: Detect asset analytics and management tool

LONG-TERM PRIORITIES
+ Work with partners on smartphone solutions
+ Continue working with laptop and tablet OEMs to embed RAIN RFID tags into additional product lines

BOOZ ALLEN'S DISTRICT: DETECT ANALYTICS & MGMT TOOL

OPPORTUNITIES IN RAIN RFID-RELATED TECHNOLOGY

+ Accurate real-time positioning in sub-10ft (3m) ceiling height
+ Low-cost (<$1,000), small footprint doorway reader capable of directional detection and independent writes for each direction
+ On-tag protections against advanced replay and cloning attacks
+ Embedded tags with I2C communications