Two additional CEDIA CEU "IoT Network Security" Classes offered in March

FIREFX is offering a course scheduled in Vancouver, BC on Thursday the 23rd of March and have added an additional on-line class on Wednesday the 29th of March.

These courses are being offered this month by US Army trained Network Engineers from FIREFX. These engineers are graduates of the US Army Cyber-College, are "Security +" Certified, and have a great deal of experience securing Top Secret networks and utilizing proven tools, tactics & techniques to deploy Enterprise network security in a variety of environments. Join them as they explore the challenges presented by IoT devices in the smart home and business environments and solutions to counter these challenges.

 On Wednesday, 3/19/17 FIREFX will host a free online course (CEUP661 “Basics of Securing IoT Networks for the Home and Business” worth .75 CEUs. The class starts at 1:30 PM CST and you can email training@firefx.net to request a seat.

 Seating is limited for this on-line course to 25 seats.

On Thursday, 3/23/17, the same free class will be offered in person in Vancouver, BC at the Westin Wall Centre for the Stampede “Big Book of AV Tour” at 1:30PM PST.

THE BIG BOOK OF AV TOUR & CONFERENCE VANCOUVER

 Seating is limited for this event to 35 seats.

 No further courses are currently scheduled this month.

About This Course

 Basic Security: This is a basic security course. You will not be an IoT security expert at the completion of this course. What you will be able to do upon passing this course is the following.

  • Define what an IoT device is
  • Identify security threats introduced to networks by IoT devices
  • Understand the anatomy of a network hack
  • Identify potential exploitable vulnerabilities in network designs
  • Identify best practices for securing networks with IoT devices, including
    • Geo-Blocking
    • VLAN Separation
    • Intrusion Detection/Prevention System (IDPS)
    • Distributed Denial Of Service (DDOS) Protection
    • Proper VPN Use

This course is approximately 1.5 hours long and includes an open Q&A session and written exam. Successful completion of the course and passing in the exam (70%) will earn you a certificate and .75 CEUs.

On-Line INSTRUCTOR: Josh Van Gulden – Cyber-Security Architect FIREFX (CW3 RET TXARNG)
Vancouver BC INSTRUCTOR Dave Putman - VP/CTO FIREFX (CW2 RET TXARNG)

How Your DVR Was Hacked To Take Down The Internet

THE INTERNET OF UNPATCHABLE THINGS

Recently, a person or persons launched an attack on the Internet Domain Name Services (DNS) causing major disruption to businesses in the US. Surprisingly (to some), this attack used the Mirai malware package to exploit the inherently insecure IoT devices in many homes and businesses around the world. Worse yet, he hacker responsible for creating the Mirai malware released the source code for it, effectively letting anyone build their own attack army using Mirai.

According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.

“It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States,” Nixon said, noting that Flashpoint hasn’t ruled out the possibility of multiple botnets being involved in the attack on Dyn.

“At least one Mirai [control server] issued an attack command to hit Dyn,” Nixon said. “Some people are theorizing that there were multiple botnets involved here. What we can say is that we’ve seen a Mirai botnet participating in the attack.”

Many of these products from XiongMai and other makers of inexpensive, mass-produced IoT devices are essentially unfixable, and will remain a danger to others unless and until they are completely unplugged from the Internet.

“The issue with these particular devices is that a user cannot feasibly change this password,” Flashpoint’s Zach Wikholm told KrebsOnSecurity. “The password is hardcoded into the firmware, and the tools necessary to disable it are not present. Even worse, the web interface is not aware that these credentials even exist.”

Flashpoint’s researchers said they scanned the Internet on Oct. 6 for systems that showed signs of running the vulnerable hardware, and found more than 515,000 of them were vulnerable to the flaws they discovered.

The knowledge that many IoT devices are effectively unsecurable leaves system integrators with only one viable solution; implementing VLAN separation with a Unified Threat Management (UTM) device. A UTM has an intrustion detection/intrusion prevention system (IDS/IPS) actively inspecting all network traffic passing in and out of the network and passing between the VLANs, actively blocking malware and virus based attacks. Threat profiles are updated regularly to protect the network and its users from emerging threats as they develop.

MORE THAT JUST A ROUTER

The FIREFX Network Guardian is a Router/UTM platform designed specifically used in the CEDIA marketplace as a primary network router. Complete with a pre-configured VPN server and MAC/PC client, pre-configured VLAN separation, and an IDS/IPS system that automatically updates threat profiles twice daily. Available in both desktop and rackmount form factors, the Network Guardian is well suited for home. SOHO, and small to mid-sized business applications.

See the Network Guardian here