judgment day: april 12 th 2015 the internet of things: who is in control? johannes b. ullrich, ph.d....
TRANSCRIPT
![Page 1: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/1.jpg)
Judgment Day: April 12th 2015The Internet of Things: Who is in Control?
Johannes B. Ullrich, [email protected]
@johullrich
1
![Page 2: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/2.jpg)
About Me
• Dean of Research, SANS Technology Institute
• SANS Internet Storm Centerhttps://isc.sans.edu
• Created DShield.org• Instructor for SANS• Past: Physicist, Web Developer• Living in Jacksonville, FL
2
![Page 3: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/3.jpg)
3
![Page 4: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/4.jpg)
Are We in Control?
4
Quantified Self
Data
Internet of
Things
Devices
![Page 5: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/5.jpg)
Quantified Self: Dawn to Dusk
5
Photo: Withings.com
![Page 6: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/6.jpg)
Quantified Self: Dawn to Dusk
6
Photo: thevesl.com
![Page 7: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/7.jpg)
Quantified Self: Dawn to Dusk
7
Photo: Progressive
![Page 8: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/8.jpg)
Quantified Self: Dawn to Dusk
8
Photo: Fitbit
![Page 9: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/9.jpg)
Hello Barbie
9
![Page 10: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/10.jpg)
Quantified Self: Dawn to Dusk
10
![Page 11: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/11.jpg)
Home / Small Business
11
![Page 12: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/12.jpg)
Enterprise Networks
12
![Page 13: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/13.jpg)
Municipal/Gov Networks
13
![Page 14: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/14.jpg)
The “Internet of Things”
14
![Page 15: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/15.jpg)
New Protocols: IPv6
• Easier to Scale then IPv4• Auto configuration• Extensible• Integrated with various Layer 2
options
15
![Page 16: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/16.jpg)
New Protocols: 6LoWPAN / IEEE 802.15.4
• IPv6 over Low power Wireless Personal Area Network
• Easier network management• Low Power• Low Hardware Requirements• Security
16
![Page 17: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/17.jpg)
Risks: New Wireless Protocols
• IEEE 802.15.4 / 6LoWPAN• AES identified as encryption
algorithm• Key Management challenge: Auto
configuration / on-boarding at scale• IPSec (IKEv2) may not work due to
power constraints
17
![Page 18: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/18.jpg)
Example: LIFX Light Bulbs
• Light Bulbs communicate via 6LoWPAN with each other (mesh)
• One light bulb acts as router/controller to connect to Wi-Fi (802.11)
• Pre-shared AES key hardcoded. Same for all bulbs
• 6LoWPAN is used to exchange WiFi credentials (which are now at risk)
• Solution: Derive 6LoWPAN key from Wi-Fi Password.
18
![Page 19: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/19.jpg)
Risks: New Attack Platforms
• Many devices use customized versions of commodity operating systems (Linux/Windows)
• Wide range of architectures, not just x86
• Embedded systems can even be found inside conventional systems
19
![Page 20: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/20.jpg)
SciFi
20
Photo: Warner BrothersPhoto: Paramount Pictures
Photo: tailgrab.org
![Page 21: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/21.jpg)
ISC Mission
• Global Network Security Information Sharing Community
• We share fast, ask readers for insight• Expanding diverse sensors for
automatic data collection• Built around DShield platform• Raw data available for others to
analyze
21
![Page 22: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/22.jpg)
ISC: The big picture
22
![Page 23: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/23.jpg)
ISC Handlers
• Currently about 30 volunteer handlers
• Located worldwide and working in different industries
23
![Page 24: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/24.jpg)
How to use our data
• Threat Intelligence– Diaries– IP Address Feeds– Domain Feeds
• Data is free to use for your own network (Creative Commons License)
• Share back!
24
![Page 25: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/25.jpg)
Case #1 – Compromised Routers
• E-Mail + phone call from ISP in Wyoming– Affects Linksys E1000/1200– Scanning for Port 80/8080– Latest firmware not affected– Reset of router clears malware
25
![Page 26: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/26.jpg)
Case #1: Verification
• Check DShield Logs: No spike in port 80/8080, but they are always busy
26
![Page 27: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/27.jpg)
Case #1: Honeypot Data
Seeing “interesting” requests:
GET /HNAP1/ HTTP/1.1Host: a.b.c.d:8080
But nothing else…Something seems to be going on, publishing first “Diary”
27
![Page 28: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/28.jpg)
Case #1: Experiment
wget http://routerip/HNAP1/
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/…”><soap:Body><GetDeviceSettingsResponse ... >
<DeviceName>Cisco40033</DeviceName><VendorName>Linksys</VendorName>…<ModelName>E4200</ModelName>…</GetDeviceSettingsResponse></soap:Body></soap:Envelope>
28
![Page 29: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/29.jpg)
Case #1: Honeypot
• Setting up a simple Honeypot to simulate router (reply with correct HNAP response)
• Scanning routers now send exploit:POST /tmUnblock.cgi HTTP/1.1Host: [ip of honeypot]:8080Authorization: Basic YWRtaW46JmkxKkBVJDZ4dmNH
29
![Page 30: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/30.jpg)
Case #1: The Moon Worm
30
![Page 31: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/31.jpg)
Case #1: Challenges
• MIPS Architecture• No common virtual environments
available• Most reverse analysis tools are x86
centric• Exploit requires specific firmware
versions• NO PATCH?!!
31
![Page 32: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/32.jpg)
Case #2: Port 5000 Traffic
32
![Page 33: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/33.jpg)
Case #2: Compromised DVRs
• Security Camera DVRs• Exposed to Internet for remote
monitoring
33
![Page 34: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/34.jpg)
Case #2: Exploit
• Very simple exploit: default username/password (root/12345) used to telnet
• Various binaries copied to DVR– Bitcoin miner– Scanner for Synology Vulnerability– wget / helper tools
34
![Page 35: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/35.jpg)
Case #2: Why Vulnerable?
• Simple Password Dialog• Not possible to turn off telnet
35
![Page 36: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/36.jpg)
Case #2: Who Did it?
36
![Page 37: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/37.jpg)
Case #2: Who did it?
37
![Page 38: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/38.jpg)
Case #2: Why Vulnerable?
38
![Page 39: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/39.jpg)
Echo File Transfer
echo -ne '\x00\x00\x00\x2f\x00\x00\x00\x1a\x00\x00 \x00\x00\x00\x00\x00\x05\x00\x00\x00\x00 \x00\x00\x00\x04\x00\x00\x00\x00\x00\x00 \x00\x31\x00\x00\x00\x00\x00 \x00\x00\x2a\x00\x00\x00\x1b\x00\x00\x00 \x14\x00\x00\x00' >> /var/run/rand0-btcminer-arm && echo -e '\x64\x6f\x6e\x65'
39
![Page 40: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/40.jpg)
Case #3: Synology Disk Stations
• Vulnerable web based admin interface• Exposed on port 5000• Allows remote code execution• Exploited before patch
became available• Difficult to patch devices
40
![Page 41: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/41.jpg)
Case #3: Synology Vulnerability History
• CVE-2014-2264: Hardcoded VPN Password
• CVE-2013-6955: webman vulnerability allows appending to arbitrary files
• CVE-2013-6987: read/write/delete files via directory traversal
41
![Page 42: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/42.jpg)
Case #3: Iowa State Breach
• Iowa State stored student data including SSNs on Synology devices
• Devices got breached by Bitcoin miner campaign
• 5 devices breached• 29,780 SSNs exposed
42
![Page 43: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/43.jpg)
Case #3: Continuation … Synolocker
43
https://www.facebook.com/events/birthdays?extra_data%5Bstart_date%5D=2015%2F04%2F11
![Page 44: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/44.jpg)
Case #4: Handheld Inventory Scanners
44
![Page 45: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/45.jpg)
Case #4: Targeted Attack
• 12 of 40 scanners delivered to a robotics/logistic company came with malware pre-installed
• Malware attacked network “from the inside”
• Targeting accounting systems• Exfiltrating data• Firmware downloaded from
manufacturer site was infected as well
45
![Page 46: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/46.jpg)
Case #4: Malware Details
• Scanner runs Windows XP Embedded• Malware only detected due to
network monitoring• Not possible to install standard AV or
Whitelist tools on scanner
46
![Page 47: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/47.jpg)
Defensive Strategies
47
![Page 48: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/48.jpg)
We need solutions that scale!
48
![Page 49: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/49.jpg)
Network Segmentation
• Target: Air Conditioner network not sufficiently segmented, allowed for breach of “business” network.
• How many segments can we manage?• Do all devices fit into the same
segment?• How do they talk to the rest of the
network?
49
![Page 50: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/50.jpg)
Onboarding Devices
• Accounting for devices / inventory• Configuring security parameters
(passwords, keys)• Establishing baseline configuration• Develop/Procure tools to provision
devices at scale securely
50
![Page 51: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/51.jpg)
Patching
• How are patches distributed / validated?
• Can automatic patching be used?• Centralized patch management
solutions?• Inventory/Onboarding first. Needs to
integrate with Patching
51
![Page 52: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/52.jpg)
Logging / Monitoring
• What logs to collect and how?• Flooded by meaningless logs?• Setup “satellite collectors” that
aggregate and pre-filter before sending to central log management system
52
![Page 53: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/53.jpg)
Solution 1: Don’t buy crap
• Ask the right questions before purchasing devices:– Onboarding tools?– Logging standards?– Support contracts?
53
![Page 54: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/54.jpg)
Solution 2: Scalable & Repeatable Processes
• Take what you learned from your desktop/server environment
• Automation!
54
![Page 55: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/55.jpg)
Conclusion
Are we still in control?
Probably not… but not clear who is in control… the machines? The cloud? The miscreant pw0ning your machines?
55
![Page 56: Judgment Day: April 12 th 2015 The Internet of Things: Who is in Control? Johannes B. Ullrich, Ph.D. jullrich@sans.edu @johullrich 1](https://reader035.vdocuments.us/reader035/viewer/2022062423/56649c9d5503460f9495cecf/html5/thumbnails/56.jpg)
Thanks!
http://isc.sans.edu
Daily Updates * Daily Podcast * Data FeedsTwitter: @johullrich / @sans_isc
56