Scribd Logo
Upload

Welcome to Scribd!

  • 342 views

    Lab - Learning The Details of Attacks

    Uploaded by

    Yusril Ashidiqi
    The document discusses researching IoT application vulnerabilities. It provides background on the growth of IoT devices and their vulnerability to security threats due to a lack of consideration for security in design. The objectives are to analyze vulnerabilities. Students are instructed to search for examples of vulnerabilities in different IoT verticals and answer questions about one vulnerability they choose. They are to discuss who might exploit it, why the vulnerability exists, and what could be done to limit the vulnerability. Resources for the search are provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    Lab - Learning The Details of Attacks

    Uploaded by

    Yusril Ashidiqi
    342 views2 pages
    The document discusses researching IoT application vulnerabilities. It provides background on the growth of IoT devices and their vulnerability to security threats due to a lack of consideration for security in design. The objectives are to analyze vulnerabilities. Students are instructed to search for examples of vulnerabilities in different IoT verticals and answer questions about one vulnerability they choose. They are to discuss who might exploit it, why the vulnerability exists, and what could be done to limit the vulnerability. Resources for the search are provided.

    Original Description:

    Lab - Learning the Details of Attacks

    Original Title

    Lab - Learning the Details of Attacks

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses researching IoT application vulnerabilities. It provides background on the growth of IoT devices and their vulnerability to security threats due to a lack of consideration for security in design. The objectives are to analyze vulnerabilities. Students are instructed to search for examples of vulnerabilities in different IoT verticals and answer questions about one vulnerability they choose. They are to discuss who might exploit it, why the vulnerability exists, and what could be done to limit the vulnerability. Resources for the search are provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    342 views2 pages

    Lab - Learning The Details of Attacks

    Uploaded by

    Yusril Ashidiqi
    The document discusses researching IoT application vulnerabilities. It provides background on the growth of IoT devices and their vulnerability to security threats due to a lack of consideration for security in design. The objectives are to analyze vulnerabilities. Students are instructed to search for examples of vulnerabilities in different IoT verticals and answer questions about one vulnerability they choose. They are to discuss who might exploit it, why the vulnerability exists, and what could be done to limit the vulnerability. Resources for the search are provided.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 2

    Lab – Learning the Details of Attacks

    Objectives
    Research and analyze IoT application vulnerabilities

    Background / Scenario
    The Internet of Things (IoT) consists of digitally connected devices that are connecting every aspect of our lives,
    including our homes, offices, cars, and even our bodies to the Internet. With the accelerating adoption of IPv6
    and the near universal deployment of Wi-Fi networks, the IoT is growing at an exponential pace. Industry
    experts estimate that by 2020, the number of active IoT devices will approach 50 billion. IoT devices are
    particularly vulnerable to security threats because security has not always been considered in IoT product
    design. Also, IoT devices are often sold with old and unpatched embedded operating systems and software.

    Required Resources
     PC or mobile device with Internet access

    Conduct a Search of IoT Application Vulnerabilities


    Using your favorite search engine, conduct a search for Internet of Things (IoT) vulnerabilities. During your
    search, find an example of an IoT vulnerability for each of the IoT verticals: industry, energy systems,
    healthcare, and government. Be prepared to discuss who might exploit the vulnerability and why, what caused
    the vulnerability, and what could be done to limit the vulnerability? Some suggested resources to get started on
    your search are listed below:
     Cisco IoT Resources
     IoT Security Foundation
     Business Insider IoT security threats
    Note: You can use the web browser in the virtual machine installed in a previous lab to research security
    issues. By using the virtual machine, you may prevent malware from being installed on your computer.
    From your research, choose an IoT vulnerability and answer the following questions:
    a. What is the vulnerability?
    Vulnerability adalah suatu cacat pada system/infrastruktur yang memungkinkan terjadinya akses tanpa izin
    dengan meng exploitasi kecacatan sistem.Cacat ini terjadi akibat kesalahan dalam merancang,membuat
    atau mengimplementasikan sebuah sistem.
    b. Who might exploit it? Explain.
    Hacker.
    Setiap aplikasi (service,desktop,web base) pasti memiliki celah atau vulnerability,hanya saja belum
    ketauan,lambat laun akan ditemukan juga oleh hacker.
    Tidak semua hacker jahat ,jika celah keamanan ditemukan oleh hacker jahat (Black Hat) kemungkinan
    akan digunakan untuk meng exploit system untuk dia gunakan sendiri, atau exploit tersebut akan dilelang
    di “deep web” dan dijual nya ke penawar tertinggi.
    Jika ditemukan oleh hacker baik (white hat) biasnaya dia akan melaporkan celah keamanan tersebut ke
    developer aplikasi tesebut agar diperbaiki.

     Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 1 of 2 www.netacad.com
    Lab – Learning the Details of Attacks

    c. Why does the vulnerability exist?


    Buatan manusia tidak ada yang sempurna, vulnerability/bug terjadi ketika developer melakukan kesalahan
    logika koding atau menerapkan validasi yang tidak sempurna sehingga aplikasi yang dibuatnya mempunyai
    celah yang memungkinkan user atau metode dari luar sistem bisa dimasukan kedalam program nya.

    d. What could be done to limit the vulnerability?


    - Update Sistem Operasi firmware dan Aplikasi
    Selalu update secara berkala baik Operating sistem ataupun aplikasi, karena cuma dengan cara inilah
    yang bisa kamu lakukan agar terhindar dari vulnerability
    - Vulnerability Assessments dan Penetration Tests
    Vulnerability assessment proses mendefinisikan, mengidentifikasi, mengelompokan dan
    memprioritaskan kelemahan dalam sistem komputer,aplikasi dan infrastruktur jaringan sebagai dasar
    suatu organisasi untuk melakukan tindakan pencegan atas resiko yang bisa ditimbulkan oleh
    kelemahan sistem dimasa mendatang.

     Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 2 of 2 www.netacad.com

    You might also like