Domain 7 of CEH – Mobile Platform, IoT and OT Hacking
Domains of CEH
Information Security and Ethical Hacking Overview – 6%
Phases of system hacking and Attack Techniques-17%
Network and perimeter hacking-14%
Web application hacking-16%
Wireless network hacking – 6%
Mobile platform, IoT and OT hacking – 8%
Cloud Computing 6%
We will be discussing the seventh domain of CEH: ‘Mobile platform IoT and OT hacking’
Mobile platform for e-commerce
People couldn’t leave their rooms when they were sending important emails. The computers weren’t portable. Laptops were born, which allowed people to move between different locations while they worked. It isn’t so easy, however, as laptops can feel like extra baggage when we travel. Mobiles have replaced computers and laptops because they can send emails, navigate GPS and browse the Internet with a small, lightweight device that weighs 500g or less. People are increasingly using mobile phones to store all their professional and personal information.
Consumers can also use their mobile phones to transact via mobile networks. They can buy apps and goods, redeem coupons and tickets, bank and other services.
Hackers are targeting mobile devices because we store a lot of information on mobile devices. Organizations are also looking for ethical hackers to ensure their products are secure.
Mobile platforms are facing the most serious threats
Insecure data storage:
Hackers and other threats can be attracted to those who are careless about the security of data stored without adequate security measures.
Hacking can occur if cryptographic algorithms are flawed.
Hacking can be very easy if there is poor key management.
Hacking of IoT (Internet of Things).
IoT devices can be described as hardware devices that have software, sensors, processing capability, and other technologies installed. These devices can be connected to the Internet and other communication networks to exchange data.
Here are some examples of IoT devices:
Wearable health monitors like smartwatches
Smart home security systems
Smart factory equipment
Autonomous farming equipment
Hacking IoT devices is possible, as the result could cause serious damage to our infrastructure, systems, and lifestyle. These devices must be protected with the highest level of security. Organizations spend a lot of effort and time testing these IoT devices to make sure there are no vulnerabilities.
Hackers using ethical hacking techniques are now using new tools to hack IoT devices.
Wireshark: Wireshark, an open-source and free packet analyzer, allows you to analyze and capture network traffic in real time. This tool allows us to spy on our targets easily.
Spying on your targets and you is easy if they are connected to the same network. All you have to do is open Wireshark and make some configuration settings. You can keep an eye out for your target.
Fiddler: Fiddler lets you examine network traffic between the Internet, and test computers to troubleshoot web applications. The tool allows you to examine both incoming and outgoing data so that you can modify and monitor requests and responses before the browser actually receives them.
Nmap: Hackers have the ability to access uncontrolled ports in a system using Nmap. Hackers can hack into targeted systems by running Nmap on the system. This will look for vulnerabilities and then exploit them.
Operational Technology Hacking
Operational Technology (OT), hardware and software that detects or alters physical devices, processes, and other events by direct monitoring and/or controlling, is called Operational Technology. OT is widened in Industrial Control Systems (ICS).