Stuart Mitchell is the Chief Evangelist and Head of Product at ZARIOT and is driven by a desire to safely connect the world’s devices. Having held a senior management position at VeriSign, Stuart moved into strategic roles in mobile telecom service providers and, just before joining the ZARIOT team, bootstrapped and successfully exited an internal IoT startup venture. A strong advocate of customer-first, Lean startup methodology, Stuart brings an entrepreneurial and characteristically lateral approach to every project he undertakes.View the profile
About the talk
Cellular connectivity from 2G to 4G has been unsecured, and 5G is no magic bullet.
For cellular IoT to operate securely, we must all understand the dangers of the global mobile infrastructure and accessible solutions.
Virtually all verticals will use cellular connectivity for IoT and M2M devices at some point in their digital transformation. Whether remote sensors, smart city edge-routers, asset-trackers, point of sale devices, or medical monitors, cellular data provides the most ubiquitous terrestrial coverage and remains the most commonly available technology. Cellular is here to stay. We have a moral responsibility, not only to protect user data and secure mission-critical devices from bad actors, but also to shepherd the growth of our industry, which could be stunted by any prevalent insecurity. Yet, few are even aware of the risks that inter-operator connectivity itself presents.
A large-scale denial of service attack could bring a smart city to its knees, while even a small-scale attack diminishes the confidence in any new initiative being made. The blackmail opportunity this would offer might devastate an enterprise or compromise an official institution. Data and SMS can be intercepted while traversing the mobile network, before the data even sees the public internet. Tracking the location of a device using signalling messages could expose individuals and enterprises to fraud, data breach, and other more physical dangers. All of these attacks (and more) can easily be executed despite the regular security measures (VPN, encryption, other forms of IP-layer security, and device security) all being in place.
The move from legacy systems to 5G is much slower, painstaking, and complex than network operators would have us believe. Moreover, many IoT devices being deployed today are still intended for use on 2G and 3G systems – which will inevitably maintain demand to keep these RF bands operational. Finally, the 5G standards and regulations, despite making some attempt to learn from the past, have still allowed for the persistence of known flaws and troubling security gaps.
In this talk, we will discuss the history of legacy mobile networks, how they became exposed, why they were never secured, possible attack types and how they are perpetrated, the status and challenges of 5G security, and what can still be done about it. You will learn what protections are currently available against threats perpetrated using mobile network infrastructure, and how these fit into best practices for end-to-end IoT security. This may be of interest to security professionals as well as systems integrators, solutions providers, manufacturers, and anyone working in cellular communications.
02:29 Major risks and implications
05:35 Cellular signaling protocols
10:31 GTP security concerns
16:22 How do most cellular networks protect themselves
By the way, my name is Jared Mitchell. I'm the chief Angeles and headed products with Harriet. We are a cellular iot connectivity Solutions provider and specialist in security. Stay open to talk about 5G and why doesn't fix order the security issues out there 5G is a wonderful solution, but sending it still insecure. How to start with a very simplistic introduction into what I see is Emil notice it's multiple devices with Spencer's trackers cameras wireless networks sometimes to each other usually with only connection to some kind of
store is your processing but let me think about security security on the device key on the water Sprites Kohl's sometimes even though the dangerous is travels into a public or private Cloud using a VPN or some kind of solution, but we think about it Tuesday between the wireless network stem cells. No, we think that's funny. That is a great choice for I-80 because the elf is global coverage will ride around the world use his license Spectrum. So there's no interference so congestion and their money are prices for country folks. It means you
can always get a connection right? If you need one device isn't she pretty easy to buy and their various Technologies available from 2G 3G 4G regardless of what your application is doing what you want send a handful of tights or many gigabytes per month and it has it's just that power capability where you can configure device in a factory and I set up ready to go. But we have some responsibilities because send it on the IRT is being used for some mission-critical stuff weather is medical monitoring People's Health looking off to the safety of how is chemicals looking at
Buy this talk
Buy this video
With ConferenceCast.tv, you get access to our library of the world's best conference talks.