Ransomware on the refrigerator, back-doors in the tea kettle, and vacuums that know when you are home may seem like jokes, but with Internet of Things devices expanding into our lives this will be the reality without better security. Through vulnerability and attack demonstrations in common scenarios, I demonstrate how security weaknesses in IoT devices put user privacy at risk from external and internal threat actors. Manufacturers and security professionals must work together to improve the security of IoT so that these devices are truly worthy of being exposed to the hostile Internet. By combining improved built-in security and increased user awareness for managing IoT security, these devices can continue to provide innovative functionality without sacrificing security and privacy.

Rick Ramgattie is a Security Analyst at Independent Security Evaluators (ISE), where he conducts high-end, custom security assessments of computer hardware and software products. Mr. Ramgattie is a novice in the art of reverse engineering, and has taken part in hands-on security assessments of DRM systems, IoT devices, and many different native and mobile applications. He enjoys reverse engineering, occasional CTFs, and reading.

Back to Cyphercon 2.0 video list