GovWare 2018: The Internet Was Built To Outlast Nuclear War But Fails At Smart Toasters

IoT news

SEC Consult, CyberTrap and IoT Inspector showcased their consulting services around information security, reaching from penetration testing, source code review, red teaming, and ISO27001 ISMS implementation to security awareness trainings by the SEC Academy.

At this year’s GovWare 2018 in Singapore, SEC Consult Singapore exhibited together with its partners CyberTrap and IoT Inspector. We showcased our consulting services around information security, reaching from penetration testing, source code review, red teaming, and ISO27001 ISMS implementation to security awareness trainings by our SEC Academy. Our partner’s gave insights into their distributed deception platform CyberTrap and the firmware security analysis platform IoT Inspector.

Also, Florian Lukavsky was invited to speak about IoT security related risks in ‘The Internet – Built to outlast nuclear war but fails at small toasters’ at this year’s GovWare 2018 in Singapore. The existence of botnets like Mirai or VPNFilter shows that attackers have now begun to use the Internet of Things for their own purposes. They are on fertile ground because millions of devices are exposed on the Internet and waiting to be hacked.

In his presentation, Florian showcased IoT Inspector, a platform, which was used to automatically analyze the firmware of thousands of IoT devices, looking at various security issues. Vendor backdoors, embedded cryptographic keys, and outdated software versions are commonplace. In his talk, the results of the “large-scale” firmware analysis were presented. In addition, he provided insights into the latest IoT-cloud related security research by the SEC Consult Vulnerability lab:

During the Q&A, an interesting discussion with the audience took place on responsibilities for insecure IoT devices and how government regulations, and security standards for IoT vendors can be adopted to increase security of the IoT ecosystem in future.

It was a wonderful experience to join GovWare. We want to thank all delegates and visitors for the interesting discussions we had and thank the organizers for this great opportunity. We are looking forward to next year!