Learn the Latest IoT Security Tricks & Vulnerabilities

The Internet of Things is ubiquitous, and at Black Hat USA next month you’ll have the chance to learn the latest IoT security tools, safeguards, and vulnerabilities.


Now that everything from thermostats to washing machines are designed to be connected to the Internet, the Internet of Things has become ubiquitous.

It's more important than ever for cybersecurity experts to be aware of the threats and opportunities this oft-overlooked network of Internet-connected devices presents, and there's no better place to learn than Black Hat.

Next month's all-digital Black Hat USA event will provide you with plenty of opportunities to get up to speed on the latest IoT security threats and tools. Attend the 2-Day Practical Exploitation of IoT Networks & Ecosystems Training to get hands-on instruction in the practical exploitation of IoT systems. This Training spans a broad swathe of the IoT ecosystem, covering security for the hardware form factors, mobile/cloud components, and communication protocols.

You'll learn the basics with low-cost market hardware (shipped directly to you) and open-source software, enjoy a beginner-level web/cloud Capture The Flag exercise to practice your newfound skills, and walk away with a thorough understanding of what it takes to attack and defend the Internet of Things.

If you're at all curious about how IoT devices are harnessed together into massive, industry-influencing botnets, don't miss IoT Skimmer: Energy Market Manipulation through High-Wattage IoT Botnets. Part of the exciting new Cyber Physical Systems track of Briefings at Black Hat USA, this 40-minute Briefing will introduce you to IoT Skimmer, a hierarchical structure which leverages the potential of high-wattage IoT botnets to slightly manipulate the total demand of the power grid and attack deregulated electricity markets.

It promises to be fascinating, proposing one of the first energy market manipulation cyberattacks and presenting two attacker models based on the adversary's motivation and end goal: the attacker can cause maximum financial profit/damage to a particular market player (e.g., power plant owner or power utility), or the attacker can cause financial damage to players in the entire market.

For help testing the security of individual IoT devices, swing by the virtual Black Hat USA Arsenal and check out UFO: A Security Verification Tool for IoT Device Firmware. UFO profiles the IoT firmware in many surfaces, like known vulnerabilities, sensitive data, cracked passwords, and hidden backdoors. It saves penetration testers time to gather information and help create attack vectors. Meanwhile, as a handy tool, UFO exposes vulnerabilities as early as possible to mitigate attacks from IoT malware like the notorious Mirai, which also collected default passwords of IoT devices from firmware. Come learn how it works, and how it might work for you, at Black Hat USA next month!


Register now for this year's fully virtual Black Hat USA, still scheduled to take place August 1st through 6th, and get more information about the event on the Black Hat website.

Sustaining Partners