THE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS


SESSION ID: MBS-W04
THE NEW LANDSCAPE OF AIRBORNE CYBERATTACKS
Nadir Izrael, CTO & Co-Founder, Armis, Inc.
Ben Seri, Head of Research, Armis, Inc.

Placeholder Slide: Image of spread of infection


THE NEW ATTACK LANDSCAPE The Airborne Attack

The Airborne Attack
[Figure labels: (protocol), (software), (hardware), (hardware)]

No User Interaction Required
[Figure labels: Internet, URL Link, Download, Pair Device]

Bluetooth's Stagefright Moment
- 5.5B+ Devices At Risk
- 2B+ Unpatchable
- 9 Zero-Day Vulnerabilities (4 critical)
- Android, Windows, Linux, and iOS
- Most serious Bluetooth vulnerability to date
- Enables RCE, MiTM, and Info Leaks

BlueBorne Can Spread From Device To Device

What Systems Are Impacted
Vulnerabilities: 1 Info Leak, 2 RCE, 1 MiTM, 1 Info Leak, 1 RCE, 1 RCE, Pre-iOS 10, Pre-tvOS 9, 1 Info Leak, 1 RCE, 1 MiTM
Devices: Google Pixel, Samsung Galaxy, Samsung Galaxy Tab, LG Watch Sport, Google Home, Windows Desktops, Windows Laptops, Samsung Gear S3 (Smartwatch), Samsung Smart TVs, Samsung Family Hub (Smart refrigerator), iPhone, iPad, iPod, Apple TV, Amazon Echo

82% of companies have an Amazon Echo in their environment
- Located in executive offices
- Brought in by employees

How BlueBorne Works
[Figure label: High Privileges]

How Bluetooth Pairs
- Bluetooth is on and discoverable
- User must find and proactively pair to the device
- Some authentication or PIN to connect
- Devices exchange keys, and auto connect without discoverable mode
[Figure labels: Bluetooth Speakers Connected; Device 1 (Smart Phone); Device 2 (Bluetooth Speakers)]

How BlueBorne Works
- Bluetooth is on
- Attacker gets the MAC address
- Attacker initiates Bluetooth and attacks using a BlueBorne vulnerability (RCE, MiTM)
- No user interaction required
- No pairing
- No approval
- Attacker can take over, create MiTM, get encryption keys, etc.
[Figure labels: Bluetooth 00:2b:09:6f:2b:01; Attacker (Laptop); Target (Smart Phone)]

A BlueBorne Worm
Worm-like potential:
- Deliver ransomware
- Spread botnet
- Steal credentials
- More
[Figure label: Attacker]

Info Leak

Info Leak (To Desktop)
- User connected to Linux desktop
- Attacker uses info leak to get encryption keys of the keyboard
- Attacker intercepts keystrokes without running code or doing MiTM
- Attacker can also inject keystrokes to the targeted device
[Figure labels: Attacker (Laptop); Linux PC; Target (Keyboard)]

Info Leak (Headset)
- User connected to Android smartphone
- Attacker uses info leak to get encryption keys of the headset
- Attacker intercepts headset audio (eavesdropping on calls, for instance)
[Figure labels: Attacker (Laptop); Android (Smartphone); Target (Headset)]

Man in the Middle Attack

MiTM: WiFi Pineapple
IMPORTANT: User Interaction Required. Users Select The Network.
[Figure labels: Corporate Network; Internet; WiFi Pineapple]

MiTM: Bluetooth Pineapple
IMPORTANT: No User Interaction Required.
[Figure labels: Corporate Network; Internet; Bluetooth Pineapple]

A Broken Security Architecture

The New Attack Landscape
[Figure labels: C&C; Perimeter: Firewall; Network Core: Core Switch; Aggregation Layer: WLC Controller, Aggregation Switches; Access Layer: Access Point, Access Switches; Managed & Unmanaged Devices]

Segmentation Will Not Protect Us

The True RCE Vulnerability Ratio
True Remote Code Execution Vulnerabilities
Categories: Traditional Desktop, Mobile, Network Infrastructure, IoT
Values: 1 per year, 2-3 per year, 100 per year every year

The Infrastructure: A Wide Range of Unmanaged Devices
CVE-2018-0171

Infrastructure Is Becoming an Easy Target
- Lack mitigation techniques that are standard in endpoints
- These are similar to all IoT devices
- Updates to these systems are almost never automated
- Public exploits for devices are easy to develop and use

DEMONSTRATION BlueBorne Attack

BlueBorne Attack
1. IoT device attacked
   - Amazon Echo taken over via BlueBorne
2. Echo controlled via Internet
   - Attacker moves control of Echo to the Internet
   - Bluetooth no longer used
   - Amazon Echo is used as a relay
3. Network Infrastructure is compromised
   - Via the Echo, attacker compromises the Network Infrastructure
   - Attack breaks segmentation
   - Guest and Corporate are irrelevant
4. Confidential data accessed
   - Attacker accesses confidential information
   - Can actively interact with other devices
5. Data passed via Internet
   - Data exfiltrated over the internet connection
[Figure labels: Attacker Laptop; Amazon Echo; Internet; Infrastructure; Corporate Server]

Meet the New Endpoint
- Designed To Connect
- No Security
- Billions of Devices
- Hard to Update
- Many Manufacturers
- Hard to Discover

IMPLICATIONS AND NEXT STEPS

The Implications
Airborne Attacks:
- Devices being attacked over the air
- Out of the traditional kill chain
- Moving device-to-device
IoT Devices:
- Needs to be seen as an endpoint
- Gateway to your critical data and systems
Network Infrastructure:
- Need to view as unmanaged devices
- Segmentation is exposed and can be broken

Recommendations
Device and network discovery and visibility are critical.

Next Steps
Timeline: Immediately, Month 1, Month 3, Month 6+
- Discovery
- Discovery Report
- Cross Team Meeting: Cross Functional Meeting (Security, Networking, Operations, Facilities)
- Identify Program: Policies, Employee Education, Rapid Response
- Identify Solution
- Implement Program
- Implement

QUESTIONS