Whether at home or at the workplace, we are increasingly becoming reliant on various devices that have the ability to connect to the internet or more commonly referred to as the Internet of Things (IoT). As a product manufacturer, Panasonic strives to place secure products on the market for our users.
As IoT has become more and more popular, Panasonic has devoted time into understanding the threats against IoT and its associated risk. One such project aimed at this is a threat intelligence system, made from a physical honeypot, software honeypot and a sandbox. Software honeypots are commonly used by security teams, but at Panasonic, we have been able to take advantage of the devices we manufacture and are using not only real appliances in the market but also unreleased products as physical honeypot.
As such, we have been able to collect information on attacks targeting our devices. To date, our system has detected over 179 million attacks and collected over 25,000 malware samples. Of the collected malware samples, about 4,800 targeted IoT devices of which over 20% were not in VirusTotal at the time of collection.
In this session, we will talk about the architecture of our honeypot, and then go on to discuss the types of malware that we have seen through our physical honeypot as well as sharing some data on our analysis of the attacks. With our ultimate goal being able to manufacture cyber resilient IoT devices, we will discuss ideas on how our findings can be utilized by product development teams and any other findings through this project.