Tomb Raiders - The pilfering of critical data from the graves of our decommissioned IoT technology
Tracks
Current and Future Trends in Security
| Friday, October 14, 2022 |
| 1:30 PM - 2:30 PM |
| Student Union 106 |
Speaker
Mr. Deral Heiland
Principal Security Researcher (OT/IoT)
Rapid7
Tomb Raiders - The pilfering of critical data from the graves of our decommissioned IoT technology
Abstract
Is your organization tossing critical data in the trash? Are they selling it on eBay? If you're not 100% sure than the answer is YES. Join me as we examine the security implications caused by the improper de-acquisition of IoT technology within your organization and how do we resolve this issue.
With the continued growth and deployment of IoT technologies into our businesses, we need to acknowledge the fact that these devices will eventually break and require replacement and or upgrades. Knowing this we are then faced with the ultimate question: what happens to this electronic garbage?
During this presentation, we will explore the security implications of discarded/abandoned IoT. Just how easy it is for malicious actors to harvest critical data from dead or improperly disposed of devices? During this discussion audience participants are encouraged to engage in an open and free flow of ideas and feedback, focusing on these risks, and how we can potentially avoid these issues altogether.
With the continued growth and deployment of IoT technologies into our businesses, we need to acknowledge the fact that these devices will eventually break and require replacement and or upgrades. Knowing this we are then faced with the ultimate question: what happens to this electronic garbage?
During this presentation, we will explore the security implications of discarded/abandoned IoT. Just how easy it is for malicious actors to harvest critical data from dead or improperly disposed of devices? During this discussion audience participants are encouraged to engage in an open and free flow of ideas and feedback, focusing on these risks, and how we can potentially avoid these issues altogether.
Biography
Deral Heiland CISSP, serves as a Principal Security Researcher (IoT) for Rapid7. Deral has over 25 years of experience in the Information Technology field and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 15+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on numerous technical subjects, releasing white papers, Blogs, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by multiple media outlets and publications including ABC World News Tonight, Cheddar TV, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.
