August 11, 2018, DEFCON Skytalks and Wall of Sheep
Chet Hosmer and Mike Raggo, Exploiting IoT Communications, A Cover within a Cover
IoT offers new protocols and frequencies over which communication travels. Due to lack of familiarity amongst most enterprises, most organizations are ill-equipped to monitor or detect these mysterious channels.
This introduces a plethora of covert channels by which data could be exfiltrated, or malware to be infiltrated into the network.
In this session, we explore this new frontier by focusing on new methods of IoT protocol exploitation by revealing research conducted over the last 2 years. Detailed examples will be provided, as well as a demo of a python tool for exploiting unused portions of protocol fields.
From our research, we’ll also reveal new methods of detecting aberrant behavior emanating to/from these devices gathered from our lab and real-world testing.