The Sicuro team had our first day at Black Hat yesterday and are gearing up for DEFCON starting tomorrow.
Vulnerabilities in IoT and cellular networks are some of the major themes presenting themselves at both events.
Unlike the previous BlackHat conferences which focused on IoT and Industrial IoT (IIoT) this conference has a particular focus on connected medical devices.
Device manufacturers are increasingly more liable for the products they create. Regulatory bodies law enforcement are actively seeking companies that have neglected implementing security measures and best practices. Discussions at Black Hat such as the briefing this Thursday, "The legal Liability for IoT Hacks," are critical.
The individual networks and medical devices that are connected to them are each inherently unique. The medical device industry is heavily regulated, which makes patching devices in the environment a persistent challenge. Device vulnerabilities present risks such as data security, consumer privacy, and physical health. Medical device resiliency is paramount to the ability for medical professionals to provide quality care. Especially on the advent of the emerging Telehealth market, IoT security is critical.
Black Hat is hosting discussions on numerous other interesting topics related to IoT such as GPS spoofing, threat hunting, election machine security, snooping on cellular gateways, smart cities, and defense vs offensive machine learning.
DEFCON's cellular network competition comes with perfect timing as ISPs ready their release of 5G, which will initially be deployed using cellular networks. Verizon will be the first ISP to roll out 5G in the latter half of 2018 utilizing existing assets and millimeter wave technology to target residential customers in urban areas.
The Sicuro team will be paying particular attention to the discussion about standards and adaptive security on the edge. We will also pay specific note to how vulnerabilities propagate across cellular networks and different ways the 5G industry may be targeted.