Abstract image of a woman sitting on books and studying on a laptop

Testing IoT Security shouldn't fear you if you have got a hacker mindset - By Santhosh Tuppad - For RTC 2018

Santhosh Tuppad, profile picture
Santhosh Tuppad

The document discusses the importance of having a hacker mindset to test IoT security, highlighting the risks posed by the growing number of smart devices. It emphasizes the necessity of understanding both web and IoT hacking, alongside practical security measures to mitigate threats. The author calls for awareness regarding the lack of white-hat hackers and the implications for future generations.

Technology
Related topics:
IoT Security Focus Security Testing Penetration-TestingEthical Hacking Courses
1 of 13
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
Mindset Over Skill Set: Got Hacker Mindset? Testing IoT Security Shouldn’t Fear You Santhosh Tuppad
sh-3.2# whoami I have been a great liar, a thief, physical infrastructure breaker, web application hacker, mobile apps hacker, kiosk machine basher, black-hat hacker, white-hat hacker, trainer, security coach and blah blah blah!
Why I don’t fear testing anything for “SECURITY”?
#CORRELATION Before being a hacker, I experimented and correlated my experimentation journey to hacking.
#InternetOf(every)thing - Connecting the devices like toaster, toothbrush, refrigerator, lights etc. with each other in order to establish communication & perform dangerously insane things.
Things are going to get WORSE. Future is not so cool considering the risks about 80 billion smart devices by 2025.
#WouldYouBeOkay Would you be okay if your car speed is controlled by malicious hacker? Would you be okay to send heart rate data of your baby incorrectly to physician? (Man In the Middle) Would you be okay if someone takes control of your CCTVs or Cameras installed in your home? Would you be okay if...
#LearnFromExistingStories https://github.com/nebgnahz/awesome-iot-hacks These may scare you!
#ToThinkLikeACriminalIsNotACrime Practice thinking like a criminal… Practice more… Practice MORE...
#MyOpinionForMyself #WebOpensTheDoors #CloseTheDoorsIfNotRequired Learn web hacking to understand IoT hacking better… And then correlate… And identify specific attacks for IoT hardware/software ONLY… And Rock!
#MindsetRules #SecurityIsAFeeling • Disable unnecessary ports on hardware interface. • Web UI interface to IoT infrastructure is your start. • Mobile interface? Well, I love *.apk files. • Insecure hardware/firmware. • Poorly configured settings. #Question • Stronger encryption. But, make sure “key” is kept safe. • Let the clouds not thunder and rain. • Test ports are not meant to be in production • Logging and Alerts. • Privacy concerns? #GDPR • Physical Security - People seldom remember this.
#ChoiceIsOurs There are more black-hat hackers than white-hat hackers. We have massive skill shortage. We care about our generation & upcoming generations. Choice is yours… I hope malicious hackers don’t make a choice for you with IoT hacking.
Disclaimer: If I get more great votes, it doesn’t mean I hacked the feedback system and voted for myself. I am a good person. If you liked my talk, please vote for me at, #V193 slido.com

More Related Content

PDF
Cyber safety
Arjun Chetry
 
PPTX
ethical hacking
Sathish Bommisetti
 
PPTX
Internet Issues (How to Deal on Internet Security)
Hannah Jane del Castillo
 
PPTX
Ethical hacking and cyber security intro
Abhilash Ak
 
PPT
the best hacking ppt
fuckubitches
 
PDF
The History of Hacking in 5minutes (for dummie)
Stu Sjouwerman
 
PPTX
CYBER ETHICS, CRIMES AND SAFTY
FaMulan2
 
PPT
Ethical hacking presentation
Georgekutty Francis
 
Cyber safety
Arjun Chetry
 
ethical hacking
Sathish Bommisetti
 
Internet Issues (How to Deal on Internet Security)
Hannah Jane del Castillo
 
Ethical hacking and cyber security intro
Abhilash Ak
 
the best hacking ppt
fuckubitches
 
The History of Hacking in 5minutes (for dummie)
Stu Sjouwerman
 
CYBER ETHICS, CRIMES AND SAFTY
FaMulan2
 
Ethical hacking presentation
Georgekutty Francis
 

What's hot (20)

PPSX
Cyber security awareness for students
Akhil Nadh PC
 
PPTX
Ethical Hacking & Network Security
Lokender Yadav
 
PDF
Ethical hacking & Information Security
Ajay Dhamija
 
PPTX
Internet security powerpoint
Arifa Ali
 
PPTX
Hacking ppt
Rashed Sayyed
 
PPTX
Ethical hacking
arohan6
 
PPTX
National information security education & awareness program
Neel Kamal
 
PPT
Cyber Security and Cyber Awareness
Jay Nagar
 
PPTX
Ethical hacking
Damisetty Bala Naga Rama Sesha Sai
 
PDF
Cyber security awareness presentation nepal
ICT Frame Magazine Pvt. Ltd.
 
PPTX
presentation on ethical hacking
Amol Deshmukh
 
PPTX
Internet security
Pokanati SatyaPraveen
 
PPT
NewIinternet security
university of mumbai
 
PDF
National Life IT Department's Cyber Security Awareness Presentation
Jamie Proctor-Brassard
 
PPT
Ethical Hacking and Network Security
sumit dimri
 
PDF
Cyber Security Awareness at Dadar April 25, 2010
Vicky Shah
 
ODP
Cyber security awareness
Jason Murray
 
PPTX
Hacking ppt
giridhar_sadasivuni
 
PPTX
Hacking and Hackers
Farwa Ansari
 
PPTX
How to hack or what is ethical hacking
baabtra.com - No. 1 supplier of quality freshers
 
Cyber security awareness for students
Akhil Nadh PC
 
Ethical Hacking & Network Security
Lokender Yadav
 
Ethical hacking & Information Security
Ajay Dhamija
 
Internet security powerpoint
Arifa Ali
 
Hacking ppt
Rashed Sayyed
 
Ethical hacking
arohan6
 
National information security education & awareness program
Neel Kamal
 
Cyber Security and Cyber Awareness
Jay Nagar
 
Ethical hacking
Damisetty Bala Naga Rama Sesha Sai
 
Cyber security awareness presentation nepal
ICT Frame Magazine Pvt. Ltd.
 
presentation on ethical hacking
Amol Deshmukh
 
Internet security
Pokanati SatyaPraveen
 
NewIinternet security
university of mumbai
 
National Life IT Department's Cyber Security Awareness Presentation
Jamie Proctor-Brassard
 
Ethical Hacking and Network Security
sumit dimri
 
Cyber Security Awareness at Dadar April 25, 2010
Vicky Shah
 
Cyber security awareness
Jason Murray
 
Hacking ppt
giridhar_sadasivuni
 
Hacking and Hackers
Farwa Ansari
 
How to hack or what is ethical hacking
baabtra.com - No. 1 supplier of quality freshers
 

Similar to Testing IoT Security shouldn't fear you if you have got a hacker mindset - By Santhosh Tuppad - For RTC 2018 (20)

PDF
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
Rui Miguel Feio
 
PPTX
Spirent: The Internet of Things: The Expanded Security Perimeter
Sailaja Tennati
 
PPTX
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
 
PDF
IoT, Security & the Path to a Solution
Dr Laurent Guiraud
 
PPTX
IoT Security Risks and Challenges
OWASP Delhi
 
PDF
Hack one iot device, break them all!
Justin Black
 
PDF
How to Secure IoT Devices_A Guide for Ethical Hackers
poppinsoul9
 
PDF
IoT – Breaking Bad
NUS-ISS
 
PPTX
Emerging Trends in Cybersecurity by Amar Prusty
Cysinfo Cyber Security Community
 
PDF
This Time, It’s Personal: Why Security and the IoT Is Different
Justin Grammens
 
PPTX
IoT security
YashKesharwani2
 
PPTX
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Infosectrain3
 
PDF
Cybersecurity in the Age of IoT - Skillmine
Skillmine Technology Consulting
 
PPTX
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
PDF
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
HITCON GIRLS
 
PDF
IoT Attack Surfaces -- DEFCON 2015
Daniel Miessler
 
PPTX
Security Testing for IoT Systems
Security Innovation
 
PDF
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
GlobalSign
 
PPTX
Iot Security, Internet of Things
Bryan Len
 
PPTX
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 
(2019) Hack All the Way Through From Fridge to Mainframe (v0.2)
Rui Miguel Feio
 
Spirent: The Internet of Things: The Expanded Security Perimeter
Sailaja Tennati
 
IoT Cyber+Physical+Social Engineering Attack Security (v0.1.6 / sep2020)
mike parks
 
IoT, Security & the Path to a Solution
Dr Laurent Guiraud
 
IoT Security Risks and Challenges
OWASP Delhi
 
Hack one iot device, break them all!
Justin Black
 
How to Secure IoT Devices_A Guide for Ethical Hackers
poppinsoul9
 
IoT – Breaking Bad
NUS-ISS
 
Emerging Trends in Cybersecurity by Amar Prusty
Cysinfo Cyber Security Community
 
This Time, It’s Personal: Why Security and the IoT Is Different
Justin Grammens
 
IoT security
YashKesharwani2
 
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Infosectrain3
 
Cybersecurity in the Age of IoT - Skillmine
Skillmine Technology Consulting
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
Security Innovation
 
逃避可恥還沒有用- 你不可不知的物聯網安全問題與挑戰(Ashley Shen & Belinda Lai)
HITCON GIRLS
 
IoT Attack Surfaces -- DEFCON 2015
Daniel Miessler
 
Security Testing for IoT Systems
Security Innovation
 
A History of IIoT Cyber-Attacks & Checklist for Implementing Security [Infogr...
GlobalSign
 
Iot Security, Internet of Things
Bryan Len
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
Koenig Solutions Ltd.
 

More from Santhosh Tuppad (13)

PDF
Tools are my servants. and I am the master - By Santhosh Tuppad
Santhosh Tuppad
 
PDF
Hacking - Bridging the Gap And Going Beyond to Fight Black-Hat
Santhosh Tuppad
 
PDF
Web and mobile security workshop workbook v1 - by santhosh tuppad
Santhosh Tuppad
 
PDF
ExpoQA 2018 - Why software security has gotten worse? And what can we do abou...
Santhosh Tuppad
 
PDF
The BUZZ Word - Entrepreneur. A Perspective of Santhosh Tuppad
Santhosh Tuppad
 
PDF
Agile Testing Days Tutorial (Germany) 2017 - Web and Mobile Security Testing...
Santhosh Tuppad
 
PDF
Your users are humans and let's live our promise of securing them
Santhosh Tuppad
 
PDF
Test ideas for Login / Authentication and Login Session
Santhosh Tuppad
 
PDF
Passion is a free spirit, only you can cage it.
Santhosh Tuppad
 
PDF
Software Testing - Heuristics Cheat Sheet
Santhosh Tuppad
 
PDF
Santhosh tuppad romanian testing conference 2017 - keynote presentation
Santhosh Tuppad
 
PDF
Santhosh Tuppad - Profile - Entrepreneur - Software Tester - Ethical Hacker -...
Santhosh Tuppad
 
PDF
Santhosh tuppad - A journey that is fascinating and will be more fascinating ...
Santhosh Tuppad
 
Tools are my servants. and I am the master - By Santhosh Tuppad
Santhosh Tuppad
 
Hacking - Bridging the Gap And Going Beyond to Fight Black-Hat
Santhosh Tuppad
 
Web and mobile security workshop workbook v1 - by santhosh tuppad
Santhosh Tuppad
 
ExpoQA 2018 - Why software security has gotten worse? And what can we do abou...
Santhosh Tuppad
 
The BUZZ Word - Entrepreneur. A Perspective of Santhosh Tuppad
Santhosh Tuppad
 
Agile Testing Days Tutorial (Germany) 2017 - Web and Mobile Security Testing...
Santhosh Tuppad
 
Your users are humans and let's live our promise of securing them
Santhosh Tuppad
 
Test ideas for Login / Authentication and Login Session
Santhosh Tuppad
 
Passion is a free spirit, only you can cage it.
Santhosh Tuppad
 
Software Testing - Heuristics Cheat Sheet
Santhosh Tuppad
 
Santhosh tuppad romanian testing conference 2017 - keynote presentation
Santhosh Tuppad
 
Santhosh Tuppad - Profile - Entrepreneur - Software Tester - Ethical Hacker -...
Santhosh Tuppad
 
Santhosh tuppad - A journey that is fascinating and will be more fascinating ...
Santhosh Tuppad
 

Recently uploaded (20)

PDF
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
PPTX
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
PPTX
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
PDF
Comparative analysis of machine learning models for fake news detection in so...
IAESIJAI
 
PDF
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
PDF
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
PDF
Credit Without Borders: AI and Financial Inclusion in Bangladesh
Ehsan Tanim
 
PDF
Improvisation in detection of pomegranate leaf disease using transfer learni...
IAESIJAI
 
PDF
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
PDF
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
PPTX
Modernising the Digital Integration Hub
Daniel Toomey
 
PDF
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
PPTX
Custom Battery Pack Design Considerations for Performance and Safety
Epec Engineered Technologies
 
PPTX
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
PDF
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
PDF
Five Habits of High-Impact Board Members
OnBoard
 
PDF
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
PPT
What is a Computer? Input Devices /output devices
GulJan8
 
PDF
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
PPTX
TEXTILE technology diploma scope and career opportunities
kriti38
 
The influence of sentiment analysis in enhancing early warning system model f...
IAESIJAI
 
Final SEM Unit 1 for mit wpu at pune .pptx
anishtilekar08
 
GROUP4NURSINGINFORMATICSREPORT-2 PRESENTATION
ClarisejaneSartillo1
 
Comparative analysis of machine learning models for fake news detection in so...
IAESIJAI
 
Hybrid horned lizard optimization algorithm-aquila optimizer for DC motor
IAESIJAI
 
ENT215_Completing-a-large-scale-migration-and-modernization-with-AWS.pdf
ssuser28425f
 
Credit Without Borders: AI and Financial Inclusion in Bangladesh
Ehsan Tanim
 
Improvisation in detection of pomegranate leaf disease using transfer learni...
IAESIJAI
 
OpenACC and Open Hackathons Monthly Highlights July 2025
OpenACC
 
A review of recent deep learning applications in wood surface defect identifi...
IAESIJAI
 
Modernising the Digital Integration Hub
Daniel Toomey
 
STKI Israel Market Study 2025 version august
Dr. Jimmy Schwarzkopf
 
Custom Battery Pack Design Considerations for Performance and Safety
Epec Engineered Technologies
 
AI IN MARKETING- PRESENTED BY ANWAR KABIR 1st June 2025.pptx
HiraJay1
 
CloudStack 4.21: First Look Webinar slides
ShapeBlue
 
Five Habits of High-Impact Board Members
OnBoard
 
A proposed approach for plagiarism detection in Myanmar Unicode text
IAESIJAI
 
What is a Computer? Input Devices /output devices
GulJan8
 
How ambidextrous entrepreneurial leaders react to the artificial intelligence...
IAESIJAI
 
TEXTILE technology diploma scope and career opportunities
kriti38
 

Testing IoT Security shouldn't fear you if you have got a hacker mindset - By Santhosh Tuppad - For RTC 2018

  • 1. Mindset Over Skill Set: Got Hacker Mindset? Testing IoT Security Shouldn’t Fear You Santhosh Tuppad
  • 2. sh-3.2# whoami I have been a great liar, a thief, physical infrastructure breaker, web application hacker, mobile apps hacker, kiosk machine basher, black-hat hacker, white-hat hacker, trainer, security coach and blah blah blah!
  • 3. Why I don’t fear testing anything for “SECURITY”?
  • 4. #CORRELATION Before being a hacker, I experimented and correlated my experimentation journey to hacking.
  • 5. #InternetOf(every)thing - Connecting the devices like toaster, toothbrush, refrigerator, lights etc. with each other in order to establish communication & perform dangerously insane things.
  • 6. Things are going to get WORSE. Future is not so cool considering the risks about 80 billion smart devices by 2025.
  • 7. #WouldYouBeOkay Would you be okay if your car speed is controlled by malicious hacker? Would you be okay to send heart rate data of your baby incorrectly to physician? (Man In the Middle) Would you be okay if someone takes control of your CCTVs or Cameras installed in your home? Would you be okay if...
  • 9. #ToThinkLikeACriminalIsNotACrime Practice thinking like a criminal… Practice more… Practice MORE...
  • 10. #MyOpinionForMyself #WebOpensTheDoors #CloseTheDoorsIfNotRequired Learn web hacking to understand IoT hacking better… And then correlate… And identify specific attacks for IoT hardware/software ONLY… And Rock!
  • 11. #MindsetRules #SecurityIsAFeeling • Disable unnecessary ports on hardware interface. • Web UI interface to IoT infrastructure is your start. • Mobile interface? Well, I love *.apk files. • Insecure hardware/firmware. • Poorly configured settings. #Question • Stronger encryption. But, make sure “key” is kept safe. • Let the clouds not thunder and rain. • Test ports are not meant to be in production • Logging and Alerts. • Privacy concerns? #GDPR • Physical Security - People seldom remember this.
  • 12. #ChoiceIsOurs There are more black-hat hackers than white-hat hackers. We have massive skill shortage. We care about our generation & upcoming generations. Choice is yours… I hope malicious hackers don’t make a choice for you with IoT hacking.
  • 13. Disclaimer: If I get more great votes, it doesn’t mean I hacked the feedback system and voted for myself. I am a good person. If you liked my talk, please vote for me at, #V193 slido.com