Anatomy of an IoT Attack



the race is on to get a fully self-driving car to mark our company Opticon promises the cars that drive themselves opticals new cars destroyed data and related to backups we can recover most of it but some of the research may be gone for good according to the forensics so walk me through it step by step well I took over the website to a bowling alley but this is not a joke okay look they have this research facility down the peninsula and they're working on optical tracking cameras for driverless cars so just searching through social media I get the names of a whole bunch of engineers who are working there and as I'm looking them up I come across this bowling meet where a bunch of tech companies play every Wednesday and this is an old-school bowling night like this really ancient website and it has all the league info company names player names Lucas so you hacked into a bowling alley website yeah alright explain how that works it's called an iframe injection attack it's this old exploit that hits anyone that visits the website so a week later this guy from opticon suddenly has mine malware on his laptop I couldn't believe it worked it was like a joke what does that get you well then I say he goes to work and he opens his laptop and he connects to the network that's it I mean yeah but that still doesn't get you inside I mean they discovered it they wiped the laptop scan the network they didn't scan the whole network the thermostats part of the network it's inside the firewall it's connected to optic horns entire network you can get the whole standard configuration and password online in 30 seconds I got it off the manufacturers website so they scan most of the network they didn't scan the thermostat then what then I just went exploring it was a totally flat network no subnets or anything I could see everyday HR files legal documents are indeed when I found the blueprints I realized I can make some money off these files what happened after you sent the files then I burned everything down I wiped everything I could find encrypted drives and deleted backups I was just here just trying to cover my tracks and somebody paid you how much exactly 75 bitcoins nice not enough to retire on but still all right Brian Paige are you sure you don't know how bad you European automaker Q car has beaten opticon to market with their QX sedan the world's first self-driving car opticon shares

9 Comments

  1. Glyph said:

    Dude this is so WD2

    May 22, 2019
    Reply
  2. Angeloco said:

    very cool!

    May 22, 2019
    Reply
  3. Andres Colon said:

    me siento que es te video es muy lambemi

    May 22, 2019
    Reply
  4. C4M0K41 said:

    Make more of these please

    May 22, 2019
    Reply
  5. tsavorit52 said:

    Love this style 😀 A full movie would be great.

    May 22, 2019
    Reply
  6. Kevin Livingston said:

    a flat network, i haven'e seen one, must have too many VLANs

    May 22, 2019
    Reply
  7. Samus Aran said:

    Also this is why you isolate all IoT devices in a separate network. Otherwise they will do something call pivoting. They will breach an unsecured device and use it as a backdoor into a secure network.

    May 22, 2019
    Reply
  8. Samus Aran said:

    Curtain companies have been known to or at least suspected to secretly pay black hat hackers to infiltrate, spy on, and sabotage their competition.

    May 22, 2019
    Reply
  9. Hermes Medina said:

    This is so Mr Robot !

    May 22, 2019
    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *