The Bad Guys Have Your Pacemaker: How to Stop Attacks on Your IoT Devices

13th July 2016 in London at CodeNode

There are 85 other SkillsCasts available from FullStack 2016 - the conference on JavaScript, Node & Internet of Things

Please log in to watch this conference skillscast.

581610334 640

Gartner has estimated that 21 billion internet-connected devices will be in the hands of consumers by 2020. As the Internet of Things becomes more ubiquitous, you see “dumb” devices becoming “smart” as they call for internet connectivity as part of normal day-to-day use.

As internet-connected versions of devices like thermostats, syringe pumps, and centrifuges become commercially successful, you’re finding that little thought has gone into securing the data collected or controlled by them. When considering everyday objects like refrigerators and toasters, the risk is arguably limited. But consider the ramifications when products that bear the keys to our life & livelihood, devices like cars and pacemakers, are compromised. How “smart” are these devices if they are more often than not susceptible to potentially lethal attacks?

In this talk you will explore:

  1. Recent, successful IoT attacks

  2. A first-hand account working with an early-stage company to identify potentially dangerous vulnerabilities

  3. How to take a proactive approach to security: what you can do moving forward to keep yourself safe from “smart” devices?


The Bad Guys Have Your Pacemaker: How to Stop Attacks on Your IoT Devices

Ian Spiro

Ian still retains characteristics indicative of his misspent youth as a professional snowboarder for Burton Snowboards as part of the Burton Global A Team. He graduated magna cum laude from the University of Vermont in 2005, with a B.S. in Computer Science and a B.S. in Applied Mathematics. He spent eight years at Ounce Labs/IBM helping to develop one of the industry’s leading static analysis tools, performing hundreds of security assessments of high-risk enterprise applications, and prototyping new methodologies for understanding web application frameworks. In 2013, Ian founded Vermont Secure Computing, where he designed and developed new security technologies for cryptocurrencies and cryptographic key management.

Sam Headrick

Sam is a skilled software engineer, product manager, and entrepreneur with over twenty years of experience developing and producing a diverse portfolio of applications with a consistent focus on security. He joined Codiscope with a goal to broaden the security expertise of developers everywhere while helping them harden their applications against attacks. Prior to Codiscope, Sam led the security efforts at Aspen Technology and played a crucial role in the architecture, design, and development of the static analysis platform at Ounce Labs (acquired by IBM). He also co-founded Digital Media on Demand, the first pay-per-download music service, where he created a secure transport protocol at a time when SSL/TLS was in its infancy. Sam maintains his passion for music today by composing and playing in his free time. He holds patents in music and digital content distribution.