
Need an account to vote? Register to attend at gsec.hitb.org/sg2017/


A Study of Exposed Unauthenticated Systems on the Internet

Ryan Flores


We all know unauthenticated connections using VNC, X11 or RDP are disasters waiting to happen. What's more, we all know that in the real world, machines reachable through unauthenticated remote connections exist. But how big of a problem is it anyway? How many machines are connected to the Internet but are reachable without authentication? Moreover, what types of machines are out there, and what damage could potentially be done should an attacker discover the insecure setup?

This presentation details our findings from looking at unauthenticated, remotely accessible systems, ranging from Point-of-Sale (PoS) systems; Heating, Ventilation and Air Conditioning (HVAC) panels; and waste management control systems to Industrial Controls. We will show the types of exposed devices and their geographical distribution, and present our methodology for identifying "interesting" systems and filtering out the uninteresting ones.

About Ryan Flores

Currently the senior manager of the Forward-Looking Threat Research team in APAC, Ryan Flores has more than 13 years of experience in antivirus and IT security. He has held various positions at Trend Micro, starting as an antivirus engineer in charge of malware analysis, detection, and removal. He was heavily involved in malware sourcing and honeypot development and deployment as a member of the Trend Micro Incident Response Team. His current position requires him to research botnets, cybercrime and underground activities, as well as emerging technologies.