The ever-increasing connection between public networks and the Industrial Internet of Things (IIoT) that form a significant portion of our critical infrastructure offers new opportunities for cybercriminals and state-sponsored Advanced Persistent Threat (APT) actors. The significant number and diversity of Internet-connected IoT devices that are monitoring and controlling our pipelines, turbines, smart grids, smart transport systems, etc. result in a large and complex attack surface that must be continuously monitored and protected. Exploit-kits, ransomware, and malware are the main tools in the attackers’ arsenal when targeting IIoT networks. This talk starts with discussing why classic cybersecurity defense mechanisms such as patching, password management, etc. are not effective in protecting IoT systems against malicious payloads and why cyber threat hunting is the most effective detection and deterrence strategy. It then presents several state-of-the-art malware and ransomware threat hunting systems and suggests future research directions in the field.

Ali Dehghantanha

University of Guelph

Canada