On October 6, I attended the 5th Annual Cyber Security Awareness Month Kickoff in Port Arthur, Texas. There were four seminars, all free to the public. I thought I would share a few notes and comments on my day.
1. The Internet of Things – was presented by Ira Wilsker of the Lamar Institute of technology. He gave a presentation on the many home appliances, medical devices, security systems and other things that are all connected to the internet. One of the many problems is that most of these things have no security and can be used as ingress points into your home network. He also talked about how they can be used as remote bots for attacking web sites and used the recent Krebs on line site as an example. I didn’t bother to note all the many items he talked about, but there were a few that I found interesting:
Johnson & Johnson warns insulin pumps can be hacked – many medical devices and systems are vulnerable, maybe even more so than driver less automobiles.
Connected Cattle – a farmer that has tagged all of his cattle with devices that monitor their health, feeding, etc. It can even tell when the animals get pregnant.
IoT devices being increasingly used for DDoS attacks – a Symantec blog explaining how a Denial of Service attack works.
Sad reality: It’s cheaper to get hacked than build strong IT defenses – an excellent article by Iain Thomson that compares hacking defenses to the Ford Pinto formula.
2. NetSmartz – was presented by Detective Michael Nixon, Beaumont Police Department Special Victims Unit. He talked about keeping safe from cyberbullying, on social media, etc. Some notable links were:
Parents & Guardians – a section of the NetSmartz website with tips for caretakers of children. There are also sections for educators, law enforcement, teens, tweens and kids.
CyberTipline – where you can report cyber crimes.
Suicide of Amanda Todd – a Wikipedia article about a fifteen year old girl who was cyber-bullied. She posted a You Tube Video, and then committed suicide.
3. Security Today – was a presentation by Dell Computers and Wayport Business Solutions. They spoke about the SonicWALL Advanced Gateway Security Suite which is an advanced firewall. They also briefly talked about Lightbeam, a web browser extension for keeping track of third party web sites that track your online activities. (My research after the fact shows that the extension is only available for the Firefox browser.)
4. Cell Phone Forensics – was presented by Elie Van Horn of the Port Arthur Police Department. He spoke about data found on cell phones and the methods used to find it. He also spoke at length about how cell phones can be used to track you. Some interesting links:
TeenSafe – an online service that can be used to put tracking software on phones.
StealthGenie – another tracking app. My later research revealed that this app is no longer available because the creator has been jailed.
MobilStealth – still another tracking app.
So what did I learn from the seminar? I had a passing knowledge of most of the items presented. One thing I found the most interesting of the entire day was a website that was mentioned by the first and third speakers. The final speaker started his presentation by stating how he was definitely going to check this site when he got home.
SHODAN, The Search Engine for the Internet of Things is exactly what it sounds like. With it, you can search for things connected to the internet.
I really enjoyed the day and am looking forward to attending again next year.