Towards identifying neglected, obsolete and abandoned IoT and OT devices

Add to your list(s) Download to your calendar using vCal

• Ricardo Yaben, Technical University of Denmark (DTU)
• Thursday 16 May 2024, 15:00-16:00
• FW11.

If you have a question about this talk, please contact Ryan Gibb.

https://cl-cam-ac-uk.zoom.us/j/97216272378?pwd=M2diTFhMTnppckJtNWhFVTBKK0REZz09

The rapid adoption of Internet of Things (IoT) and Operational Technology (OT) devices to control systems remotely has introduced significant cyber-security challenges. Attackers have compromised millions of such devices over the years, exploiting their lack of management and weak cyber-security. In this paper, we examine cyber-security issues of neglected, obsolete, and abandoned IoT and OT devices exposed to the Internet. The core of our work focuses on identifying these devices using common scanning tools to find indicators of vulnerabilities and misconfigurations. Moreover, we present an analysis of our Internet-wide scans during a period of two weeks targeting security issues in 8 IoT and OT protocols: MQTT , CoAP, XMPP , Modbus, OPC UA , RTPS, DNP3 and BACnet. We observed over 1 million addresses exposing one or more of these services, of which 675,896 appear vulnerable or misconfigured. Lastly, we examine the IP reputation of the vulnerable devices and show that 7,424 were reported at least once.

This talk is part of the Computer Laboratory Systems Research Group Seminar series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• CL's SRG seminar
• Cambridge Centre for Data-Driven Discovery (C2D3)
• Cambridge talks
• Chris Davis' list
• Computer Laboratory Systems Research Group Seminar
• Department of Computer Science and Technology talks and seminars
• FW11
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31
• ndk22's list
• ob366-ai4er
• rp587

Note that ex-directory lists are not shown.