IoT VILLAGE - Attacking Smart Irrigation Systems
Formal Metadata
| Title |
IoT VILLAGE - Attacking Smart Irrigation Systems
|
| Alternative Title |
Attacking Commercial Smart Irrigation Systems
|
| Title of Series | |
| Author |
|
| License |
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. |
| Identifiers |
|
| Publisher |
|
| Release Date |
2018
|
| Language |
English
|
Content Metadata
| Subject Area | |
| Abstract |
Smart irrigation systems, a new IoT device which is aimed at saving water and money, have already been adopted by smart cities (e.g., Barcelona), agriculture, and the private sector around the world and will replace existing traditional irrigation systems in the next few years as part of the smart water grid revolution. Connected to the Internet (via Wi-Fi/GSM communication) and critical infrastructure (e.g., water reservoirs), they will become a new target for motivated hackers and attackers. In this talk, we present research that was conducted over the past year, in which we investigated and reversed engineered three of the 10 most sold commercial smart irrigation systems (GreenIQ, RainMachine, and BlueSpray). We analyzed their interfaces with weather forecast services, cloud servers, sensors, and C&C devices, and based on this analysis, we present novel attack vectors against smart irrigation systems. We demonstrate (in videos) the implementation of the attack vectors on commercial smart irrigation systems and show how each of them contains a critical security vulnerability which allows a motivated hacker to remotely gain complete control of the system by: (1) hijacking or (2) influencing the smart irrigation system’s artificial intelligence. Finally, we talk about the damage that hackers can cause by performing attacks on smart irrigation systems and hypothesize whether the next generation of plumbers will use Kali Linux instead of a monkey wrench.
|
00:00
Dialect
Digital media
Motherboard
Infinite conjugacy class property
System programming
Expert system
Student's t-test
Plastikkarte
Twitter
00:37
Polar coordinate system
Game controller
Multiplication sign
Connectivity (graph theory)
Adaptive behavior
Online help
Water vapor
Plastikkarte
Connected space
Web service
Internetworking
Googol
Software
Smartphone
Information
Reverse engineering
Wireless LAN
Physical system
Area
User interface
Linear regression
Planning
Plastikkarte
Computer network
Student's t-test
Connected space
Component-based software engineering
Internetworking
Software
Systems integrator
Personal digital assistant
Time evolution
Green's function
Order (biology)
Universe (mathematics)
System programming
Connectivity (graph theory)
Smartphone
Remote procedure call
Information security
Systems engineering
03:57
Laptop
Slide rule
Conic section
Server (computing)
Mobile app
Service (economics)
Mapping
Interface (computing)
Water vapor
Plastikkarte
Water vapor
Line (geometry)
Plastikkarte
Connected space
Web service
Logic
Internetworking
Personal digital assistant
System programming
Point cloud
Resultant
06:04
Personal identification number
Game controller
Memory card
Memory card
Virtual machine
Computer
Plastikkarte
Set (mathematics)
Computer network
Microcontroller
Mathematical analysis
Plastikkarte
Entire function
Connected space
Product (business)
Pi
Software
Order (biology)
System programming
Freeware
Router (computing)
Reverse engineering
Firmware
09:05
Server (computing)
Robot
Set (mathematics)
Water vapor
Plastikkarte
Neuroinformatik
Mathematics
Telecommunication
Configuration space
output
Proxy server
Metropolitan area network
Physical system
Point cloud
Server (computing)
Interface (computing)
Plastikkarte
Planning
Line (geometry)
Local area network
Telecommunication
Internet service provider
Order (biology)
output
Point cloud
Configuration space
Communications protocol
Physical system
11:18
Slide rule
Server (computing)
Hoax
Computer file
Dependent and independent variables
Multiplication sign
Water vapor
Spyware
Plastikkarte
Number
Timestamp
Direct numerical simulation
Internetworking
Semiconductor memory
Electronic meeting system
Green's function
Queue (abstract data type)
MiniDisc
Address space
Point cloud
Area
Vulnerability (computing)
Execution unit
Dependent and independent variables
Focus (optics)
Server (computing)
Planning
Timestamp
Entire function
Green's function
Infinite conjugacy class property
Order (biology)
Direct numerical simulation
Revision control
Point cloud
Configuration space
Right angle
Communications protocol
Physical system
Resultant
Electric current
Computer worm
17:12
Demo (music)
Water vapor
Plastikkarte
Cartesian coordinate system
17:55
Server (computing)
Hoax
Service (economics)
Code
Multiplication sign
Virtual machine
Water vapor
Plastikkarte
Computer programming
2 (number)
Physical system
Point cloud
Service (economics)
Dependent and independent variables
Linear regression
Server (computing)
Image warping
Code
Planning
Plastikkarte
Denial-of-service attack
Cartesian coordinate system
Timestamp
Software
Web service
Permanent
Green's function
Order (biology)
Direct numerical simulation
Musical ensemble
Communications protocol
Physical system
21:31
Vulnerability (computing)
Server (computing)
Focus (optics)
Dependent and independent variables
Virtual machine
Plastikkarte
Planning
Coordinate system
Client (computing)
Water vapor
Direct numerical simulation
Web service
Uniform resource locator
Semiconductor memory
Internet forum
Order (biology)
Direct numerical simulation
Vulnerability (computing)
23:23
Vulnerability (computing)
Dependent and independent variables
Uniform resource locator
Walsh function
Demo (music)
output
Plastikkarte
Coordinate system
Client (computing)
Water vapor
Communications protocol
Physical system
24:54
Dependent and independent variables
Order (biology)
Moving average
Plastikkarte
Convex hull
Water vapor
Plastikkarte
Computer-assisted translation
Physical system
Sinc function
26:23
User interface
Game controller
User interface
Local area network
Exploit (computer security)
Planning
Plastikkarte
Computer network
Water vapor
Local area network
Plastikkarte
Data transmission
Connected space
Arithmetic mean
Personal digital assistant
Telecommunication
Order (biology)
Interface (computing)
Physical system
27:51
Scheduling (computing)
User interface
Multiplication sign
Authentication
File format
Water vapor
Encryption
Electronic visual display
Communications protocol
Data type
User interface
Authentication
Vulnerability (computing)
Broadcast programming
Demo (music)
File format
Planning
Local area network
Group action
Langevin-Gleichung
Telecommunication
Interface (computing)
Encryption
Communications protocol
Flag
28:54
Finite element method
Word
Code
Moving average
Planning
Water vapor
User-generated content
29:31
User interface
Malware
Distribution (mathematics)
Penetrationstest
Code
30:03
Vulnerability (computing)
Asynchronous Transfer Mode
Latent heat
Functional (mathematics)
State of matter
Code
Order (biology)
Software testing
Water vapor
Line (geometry)
Vulnerability (computing)
31:33
Decision tree learning
Demo (music)
Code
Demo (music)
Password
Plastikkarte
Computer network
Line (geometry)
Local area network
Radical (chemistry)
Telecommunication
Password
Gastropod shell
Moving average
Information security
32:13
Local area network
Telecommunication
Videoconferencing
Moving average
Water vapor
Plastikkarte
Physical system
2 (number)
33:10
Code
Multiplication sign
Modal logic
Water vapor
Web 2.0
Data model
Single-precision floating-point format
Cubic graph
Endliche Modelltheorie
Physical system
Vulnerability (computing)
Point cloud
Service (economics)
Electric generator
Regulator gene
Channel capacity
Closed set
Entire function
Virtual machine
Chain
Order (biology)
System programming
Hill differential equation
Physical system
Firmware
Point (geometry)
Dataflow
Server (computing)
Addition
Link (knot theory)
Robot
Information and communications technology
Denial-of-service attack
Plastikkarte
Product (business)
Telecommunication
Internetworking
Average
Vulnerability (computing)
Metre
Information
Server (computing)
Interface (computing)
Code
Plastikkarte
Denial-of-service attack
Inclusion map
Web service
Sheaf (mathematics)
Revision control
Cubic graph
39:10
Musical ensemble
00:00
hey Ben would you like an introduction or would you like to introduce yourself I will let the experts handle this here you go thank you very much I would like
00:18
to thank you for attending this talk I would also like to thank the guys from dial T Village for helping us to publish this research to the to the media to on Twitter and on motherboard thank you so much let me first introduce myself and then we discussed about what I'm here to present so I'm Ben I'm a PhD student
00:41
from ben-gurion University I studied the area of cybersecurity and IOT devices for the last two-and-a-half years I'm a former Google employee this research was also done using the help of Moshe slow doctor a stop shop time a festival Avicii from a Ben Gurion University and we also want to thank Fujitsu for funding Fujitsu system integration of attalos for funding this research ok so I'm about to present you how attackers can attack smart irrigation system I will start by introducing smart irrigation system then we'll talk about how we reverse engineered as fatty regression systems and I will present you some of the attacks that we did spoofing attacks and replay attacks against Marty regression system and in the end we'll discuss about the damage that can be done using a botnet of smart irrigation system that's it okay so irrigation system and especially smart irrigation systems though about five years ago the first smart irrigation system appear I'm not sure which one was the first might irrigation system however they first appeared five years ago today you can find many vendors that produce that produce material systems they have many connected sensors such as rain sensor and soil moisture sensor for example they even have GSM editions not only Wi-Fi editions and two years ago Barcelona actually adopts smart irrigation systems instead of its traditional irrigation systems ok so smart irrigation systems are actually referred to advanced irrigation systems that incorporate various sensors and network components for increased efficiency in order to save water and money now they are connected to the Internet they provide remote command control service they allow automatic adaptation of watering plan based on weather forecast and they monitor watering plans and water consumption ok
03:03
now let's talk about the motivation for buying smart irrigation systems so first of all they are very cheap the price starts at about 150 you can buy them on Amazon they consider as green technology they design as I said before to save money and also save water they provide very convenient user interface comparing to the traditional irrigation systems it's a remote user interface in which you can use smartphones PCs and even smart assistance to control them and also the enable sensor connectivity as I mentioned before and they have wireless connectivity they provide Wi-Fi at the Wi-Fi editions and also GSM editions in which you can buy in order to deploy in your garden in your yard this is the
03:59
entire ecosystem and the parties in which they are actually interface with so on one hand on one end you have the smart irrigation system it connected to your homeland it also connect to sensors that are also connected to your homelands and they connected to your water line on the one end and to valves on the other end and the valves are actually connected to sprinklers so they actually regulate water obtained from water is a wall now using Internet connectivity the interface with CNC devices which can be your smartphone application your laptop your smart assistant they have dedicated cloud servers in which they are used to I will mention with the few slides from now they are used to communicate with their user and that can be located anywhere around the world and they actually also interface with weather forecast services and this is examples of such and Noah is one of them they know the map know which is their norwegian material logical institute is another one okay now why we consider
05:25
them as interesting and why would the Tucker's will want to attack them so first of all they are connected to critical infrastructure the urban water service or the national water service considered as critical infrastructure and most of the countries around the role another reason to attack them is maybe to cause a financial harm and to a party as a result of overconsumption of water there are places around the world where water is very expensive and by over consuming water you can actually cause a financial harm and these are examples of
06:10
free smart irrigation system commercial smart irrigation system that we investigated in this research we bought the in the blue spray and the green accuse smart irrigation systems they are all provide Wi-Fi connectivity so you can connect them to your homeland using Wi-Fi to your router they are very cheap these are their price including the shipment to Israel they are even cheaper if you buy in if you buy them here in the US also they are consider free of the best five I think or maybe ten top smart irrigation systems according to a few resources so we decided it will be good to use cutting-edge technology such as this the entire set of methods that they will present in this research conducted on this set of smart irrigation systems now let's talk about
07:08
how to I will reverse engineered smart irrigation system so we actually combined two techniques the first technique was extracting the extracting the fumer now if you will see the green IQ which is the one which is that the picture would be the the white one if you take a closer look you will see raspberry pi the guys from Cana hue did not design their own micro controller they actually use raspberry PI's their controller and of course the finger was uploaded to an SD card well so we actually took an SD card label and extracted the film before from there we didn't even had to you know to think a lot and how to they actually helped us in order to get their firmware out of the micro controller the product regarding the rain machine we actually downloaded the film using the UART connector used to a USB cable and this is the way we extract this is the way that we used in order to extract the film well off the rain machine during machine is the one that you can see the pin the a picture and the picture in the left in the on the top left and we also used some network analysis we connected them to a router and we captured their network traffic I would say for three weeks something like this and we analyzed their traffic they're using Wireshark and we actually connected all three of them so we so we have two fingers of the rain machine and the green EQ and the entire network behavior of all of them okay the next
09:07
set of attacks that I will present you called spoofing attacks we actually change the inputs that are going to the smart irrigation system and observed what happened because of our change we actually the purpose of these attacks is to change the input of smart irrigation system in order to water according to attackers wishes and execution of their taxes by performing man in the middle attacks using session hijacking from a bot running on a computer on a compromising and not on a compromised device that is connected to at the same line of the smart irrigation systems
09:56
okay now the first attack between I'm going to present is actually show how you can spoof smart irrigation system configuration a dedicated cloud server is used to provide CNC communication between a device a CNC device a user from one end and the green a cue from two and on the other hand bear in mind that the user can be anywhere around the world and he need to communicate with his own smart irrigation system that connected to his homeland and dedicated cloud server is actually mediate or used as proxy between the user and the smart irrigation system so a session between the green IQ and the cloud server is initiated every minute is initiated every minute in order to check whether the user sent any updates regarding watering plans and things like this one interesting thing is that the entire protocol the entire interface between the smart irrigation system and the cloud server is actually based on HTTP protocol which is pretty funny okay now let's discuss about the
11:22
vulnerability and introduce to their entire protocol and describe you later and show you demonstrate you later how the green acute can be attacked so the session between the green IQ and the DNA and you know what the for this session there is CS in a CNC device which is operated by the user let's say from anywhere around the world not not it is not specifically has to be connected to its homeland it can be operated via the Internet and the green area from the other end is actually initiate at the NS sequester the the silver to find the Carina the green acute that met address the green acute darknet is actually it's cloud server and which is followed by DNS result that is sent from the DNS server now after the the green a queue received the address of its cloud server it's actually initiated an HTTP request which is called ping to cloud the ping to cloud the request is followed by an HTTP response which is sent from the cloud server and contains a timestamp the timestamp is the timestamp of the last time in which the user have updated watering plan from anywhere around the world and stages 5 and 6 are actually are optional and we'll discuss them in a few slides from now ok now let's focus on stage is free and for HTTP request is being sent from the garena queue to the cloud server the green akyuu sends a ping every minute with its device ID you can see it on the left side this is the device ID this was extracted from the payload of the the packet that is being sent from the green enqueue to the cloud server which is then followed by the response the server sends the timestamp of the last time the watering plan was updated by the user and you can see the timestamp over here on the right side it's basically a number which describes the last time that watering plan was updated ok it is all actually being sent on HTTP protocol now this was actually
13:56
extracted from the finger of the green aq take a look on the response which is called new config the answer number four that is being returned to the garena queue now if the new config is actually greater the timestamp of the new config the last time the user sent an update of watering plan is greater than the one that is stored in the memory of the green a queue stages five and six are actually initiated and launched a new HTTP request that is called config.xml request is being sent to to the cloud server in order to obtain the new watering plan and the new configuration that was updated by the user now let's focus on stages five and six an HTTP request is being sent from the green and queue to the cloud server which followed by response of an XML file this is the XML file by the way on the right side you can see that it contains details such as when to what for how much time to water and other things that are important in order to to initiate the watering in the time that the user defined and this is it okay this is a focused on the returned XML file which is the HTTP response as I said contain the entire configuration and went what and went to water and the entire watering plans that the user set up now as I said earlier this is all being done using HTTP requests so hijack the entire session is actually pretty easy you can do it can apply some up spoofing in order to hijack the session and we can use a fake a green a cue cloud server that will answer instead that will respond instead of the real green acute cloud server and when a request an HTTP request with the last user update is being initiated the seller will answer will respond with the current timestamp which is probably bigger than the last time greater than the last time that is stored in the green a queue memory and it will then followed by another request to obtain the new watering plan which can be followed by a response sent from the green aqs server to the green a queue with fake fake watering plan as the attackers wishes to and this is and let me show you the demonstration of what will what would happen if you actually do it
17:21
now this is where you see the green IQ on the right-hand this is the clinical application there is no watering plants scheduled at all and we apply the attack that I just presented and look what happened to them you can just initiate watering as you wish okay okay let's continue
17:55
[Applause] [Music] okay so you might ask yourself what will happen if instead of returning the current time the current time stamp you will return a response of a time stamp that is actually ten years from now and then send the fake watering plan that lets say initiate watering all day long for the week so actually if you will see the fewer code on the left side if you will send a response and you can see it on the arrow in for a response with let's say future time stamp it's actually gonna cause the green aq to ignore any legitimate any legitimate C&C command that is will be initiated by the user now combining this with let's say watering all day long will actually in order to stop watering all day long the user will not be able to use his application in order to stop watering so what we actually will have to do is physically disconnect the green IQ from the network in order to stop such an attack so it's actually a permanent denial of service of the green McHugh it will require the user to physically disconnect the smadi regression system in order to stop to stop it from watering is yard okay
19:40
the second spoofing attack that we and that about to present use actually is actually spoof is actually spoofing water a weather forecast now it's my dear aggression system automatically such as the one that is presented in here which is the rain machine automatically adapts its watering plan according to the weather forecast obtained from weather forecast services its was actually designed to save what and you can think about rainy days no water is actually no watering is actually needed so smart irrigation system knows and programmed to prevent watering in let's say rainy days and they also a program to compensate for the lack of water in dry days so they actually every six hours the weather forecast request is sent to the weather forecast server and using the weather forecast that is being retained the smart irrigation system adapts its way watering plans automatically okay so there are several weather forecast services that provide HTTP protocol to them and not HTTP one of them was the Norwegian meteorological Institute which calls met no however six months ago something like this they upgraded their the upgraded the protocol to HTTPS however you can find many other weather forecast services that are still using HTTP protocol instead of HTTP and apply data that I'm about to show you so let's
21:33
focus on the vulnerability the during machine actually initiated in this request of weather forecast service that has been configured in our memory in its memory which is followed by DNS resolve sent from the DNS server afterwards a request for forecasts for weather forecast is being sent from is being initiated by the rain machine it includes latitude and longitude that were defined by the user the latitude and the longitude of the specific location of the smart irrigation system and they are then followed by response which is weekly weather forecasts and rain machine automatically adapt its watering plan according to the weather forecast in order to save water and to compensate for the lack of water in order to water your garden your yard and
22:26
this is how it looks like request is being sent from the rain machine to methanol and which include the GPS coordination of the location of the rain machine and it's followed by an HTTP response which is a weekly weather forecast and this is how it looks like it's actually contains temperature wind direction humidity wind speed and other things that are actually important to the smart irrigation system in order to adapt its watering plan and this is actually is being sent on let's say on our little solution so this is it now it's being by the way initiated every six hours that there are four four requests for gtp request such as this that are being initiated by the rain mission today now Wesker's of how we can
23:26
exploit such a protocol that is based on HTTP protocol and two ways in which we found we found a way to disprove the input to this material system one of them is to spoof the request location which you can think about instead of sending the true location of the smart irrigation system you will send a that appeals as if it if it is the most Alec placed on elf and this will actually result in a response of weather forecast that with the dry humidity which will require the smart irrigation system to adapt itself to water because of the lack of rain that that is being that it understand from the water forecast that is being sent another way is just to remove the response and just changing the values of the weather forecast that is being sent and let me show you how I show you on the earlier
24:38
one way is to change the GPS coordination the requests and other ways to change the values that are being received by the smart irrigation system and I have a demonstration to show you
25:03
so this is my cat by the way
25:17
okay well what you're about to see is that the smart irrigation system is being configured to London during winter and you will see that no watering and no water is actually needed in order to water your garden take a look on the weather forecast that is being received by the smart irrigation system it starts from minus 1 up to 6 Celsius and you see the 0% 0% are the amount of water that are required in order to water your garden since it's a rainy day no water is actually required however after applying our attack you will see like values that don't make any sense in a minute it's
26:24
okay this is the smart irrigation system after we apply the attack you can see values that range from zero to fifty the smart irrigation system understood that it's considered as very dry weather forecast so it actually adapts to uttering a plan as you can see 53 percent 100% so if the attacker when he will apply such an attack he actually managed to cut the smart irrigation system to obtain water when it actually does not need to obtain it
27:11
okay so this both these two attacks were spoofing attacks and now I'm about to show you to replay attacks also in this case the purpose is to exploit the legitimate human machine interface for CNC for command control communication as a means of attacking the smart irrigation system in order to water according to the attackers wish and the execution is also being done from abroad running on a compromised device that is connected to the same LAN of the smart irrigation system and the first attack
27:53
that we found first an ability that we found is actually founded in the Bliss on the blue spray displays the one that is actually on the left the picture on the left it provides HMI communication using a dedicated web interface that is based on HTTP where a protocol and it provides it to devices that are connected to its lon now it allows the user to schedule watering plans however no encryption or authentication are applied so this is even easier than before this is by the
28:30
way the gist and format of the house scheduling watering the request is being initiated you can see the start date and how much time do you want to order and other things so it's actually very easy even to understand how to attack it and how to schedule unnecessary watering plan and let me show you the demo of applying such an attack
29:17
okay so what you're seeing in here this
29:19
is the original watering plan that was configured there are no watering plans at all and wrote a simple Python code that actually initiates using HTTP request watering and this is a word we
29:37
actually apply it now let me show you the result of
29:55
applying this code for executing this code this is the exact web interface in which I talked of now when you look at
30:06
the watering plans that are actually all
30:10
day long for the entire week so this was only initiated using simple HTTP requests
30:26
another interesting attack that we thought of for presenting the vulnerability we actually extracted the code from the community as we mentioned earlier they actually use a Raspberry Pi so we extracted the defin will very easily and we analyzed their code and found on the following code lines you can see the state GPIO function and it's actually it's its execution that operate the master valve actually opens the valve so water will actually flow outside and this is the inline four to eight you can see the execution of such GPIO and specific about that is being specific about that is being operated we actually ask ourselves how we can use it in order to initiate watering so by assuming one of
31:37
the following either the SSH password is too weak or it is has been leaked or either the smart irrigation system itself is compromised then you can apply such an attack you can open a secure shell terminal and just open the valve using the code that I just present you the code that was in line four to eight and this is the demo that
32:05
zero
32:16
okay take a look at the following video you can see the green Akio and how we are playing with the opening the valve and closing the valve every 10 seconds this is where it stops for 10 seconds and afterwards it is being again initiated now you can see the watering is actually starts again and we actually use we applied it using SSH communication that was applied from another compromised device that was connected to the same local area network of the green EQ
33:13
okay so after you know how to actually initiate watering as you wish and in the times that you wish to water them you can also imagine what would have happened what would happen if an attacker has managed to use a botnet smart irrigation system so you know botnets today are being you can rent them on the the dark web so they're pretty easy too they're fine in the wilds you can find them on the Internet you do not have to actually infect smart irrigation system you can rent the botnet and check whether a smart irrigation system is connected to the land of the compromised device where the bot is running and you can think about using a CNC model about mental smart irrigation system and initiate watering from many smart irrigation systems simultaneously and we ask ourself what would have happen if an attacker has managed to control a botnet of smart irrigation system using a CNC server and
34:30
we analyze the damage and the typical sprinklers water flow this is actually the Falcon taken from the Falcons specs is between zero point six six and four point nine three cubic meters per hour so let's say on average it's two point seven nine five cubic meters on average per hour what is the damage incurred when the attack is performed using a bucket of smart irrigation systems that are triggered to water simultaneously now this is actually pretty interesting you need a botnet of one hand I have one thousand three hundred the sprinklers and you need to operate them for a single hour in order to empty a typical water tower capacity which is around three hundred and seven eight seven eight seven cubic meters and if you're thinking about how you can empty a flood water reservoir so this is why you need a bigger botnet let's say about twenty three thousands and you need to operate them for six hours during night in order to empty a few water reservoir which is its capacity is around four hundred and four K cubic meters so it's actually let's say pretty dangerous attack if the attacker can actually harm an entire city and even a nation if you will manage to infect many smart irrigation system and this is pretty interesting because this generation of IOT devices is actually being used by consumers to regulate resource such as water that are obtained from critical infrastructure now traditional attacks against critical infrastructure required the attackers to somehow in fact the critical infrastructure itself they must use supply chain attacks they either some let's say insiders to infect the system to attend fight critical infrastructure systems this kind of attack is actually an indirect attack and it's much easier to deploy and the reason that is it is much easier to deploy is when you considers a critical infrastructure they actually use ideas and IPS increasing detection systems and prevention systems to prevent from attackers to attack their systems however as you can see this attack is actually indirect it is much easier to attack the weakest link in the interface between the IOT device to this critical infrastructure instead of attacking the critical infrastructure itself so this was actually the entire idea behind this attack how you can manage to attack a critical infrastructure indirectly one last thing regarding ethics we actually provided full ethical disclosure to each one of the smarter irrigation systems manufacturers that I showed you we make you actually thanked us and they decided to apply to TPS communications so I think that you were not able to apply our attacks and they are now well aware to the vulnerabilities they also decided to close SSH port in the film were so they actually prevent from attack from running Python code and to initiate watering regulation and blue spray engineers contact us and we actually provide them the entire necessary information in order to this to patch the fingers however they did not tell das told us whether they patch the vulnerabilities so I'm not sure whether you can apply our attacks or no I think that you from my experience with this kind of manufacturers you probably they did not patch their products yet and they probably have some better things to do this is it any questions
39:17
okay thank you very much [Music] [Applause]
