Ben, would you like an introduction, or would you like to introduce yourself? We'll let the experts handle this. Here you go.

Thank you very much. I would like to thank you for attending this talk. I would also like to thank the guys from the IoT Village for helping us publish this research in the media, on Twitter and on Motherboard. Thank you so much. Let me first introduce myself, and then we'll discuss what I'm here to present. I'm Ben. I'm a Ph.D. student at Ben-Gurion University. I have studied the area of cyber security and IoT devices for the last two and a half years. I'm a former Google employee. This research was also done with the help of Moshe Slo, a professor from Ben-Gurion University. We also want to thank Fujitsu for funding integration laboratories for funding this research.

I'm about to present to you how attackers can attack smart irrigation systems. I will start by introducing smart irrigation systems. Then we'll talk about how we reverse engineered smart irrigation systems. I will present some of the attacks that we did, spoofing attacks and replay attacks against smart irrigation systems. In the end we'll discuss the damage that can be done using a botnet of smart irrigation systems. That's it.

Okay, so irrigation systems, and especially smart irrigation systems. About five years ago the first smart irrigation systems appeared. I'm not sure which one was the first smart irrigation system. However, they first appeared five years ago. Today you can find many vendors that produce smart irrigation systems. They have many connected sensors, such as rain sensors and soil moisture sensors, for example. They even have GSM editions, not only Wi-Fi editions. And two years ago Barcelona actually adopted smart irrigation systems instead of its traditional irrigation systems.
Okay, so "smart irrigation systems" actually refers to advanced irrigation systems that incorporate various sensors and network components for increased efficiency, in order to save water and money. Now they are connected to the internet. They provide a remote command and control service. They allow automatic adaptation of the watering plan based on the weather forecast. And they monitor watering plans and water consumption.

Okay, now let's talk about the motivation for buying smart irrigation systems. So first of all, they are very cheap. Their price starts at about $150. You can buy them on Amazon. They are considered green technology. They are designed, as I said before, to save money and also to save water. They provide a very convenient user interface compared to the traditional irrigation systems. It's a remote user interface in which you can use smartphones, PCs, and even smart assistants to control them. And also they enable sensor connectivity, as I mentioned before. And they have wireless connectivity. They provide Wi-Fi editions and also GSM editions, which you can buy in order to deploy in your garden, in your yard.

This is the entire ecosystem, and the parties which they actually interface with. So on one end you have the smart irrigation system. It is connected to your home LAN. It also connects to sensors that are also connected to your home LAN. It is connected to your water line on one end and to valves on the other end. And the valves are actually connected to sprinklers, so they actually regulate water obtained from the water reservoir. Now, using internet connectivity, they interface with C&C devices, which can be your smartphone application, your laptop, your smart assistant. They have dedicated cloud servers which, as I will mention a few slides from now, are used to communicate with their user, who can be located anywhere around the world. And they actually also interface with weather forecast services. And these are examples of such.
NOAA is one of them. Metno, which is the Norwegian Meteorological Institute, is another one.

Okay, now why do we consider them interesting, and why would attackers want to attack them? So first of all, they are connected to critical infrastructure. The urban water service or the national water service is considered critical infrastructure in most of the countries around the world. Another reason to attack them is maybe to cause financial harm to a party as a result of over-consumption of water. There are places around the world where water is very expensive, and by over-consuming water you can actually cause financial harm.

And these are examples of three smart irrigation systems, commercial smart irrigation systems, that we investigated in this research. We bought the RainMachine, the BlueSpray and the GreenIQ smart irrigation systems. They all provide Wi-Fi connectivity, so you can connect them to your home LAN using Wi-Fi to your router. They are very cheap. These are their prices, including the shipment to Israel. They are even cheaper if you buy them here in the U.S. Also, they are considered three of the best five, I think, or maybe ten, top smart irrigation systems according to a few resources, so we decided it would be good to use cutting-edge technology such as this. The entire set of methods that I will present in this research was conducted on this set of smart irrigation systems.

Now let's talk about how we reverse engineered the smart irrigation systems. We actually combined two techniques. The first technique was extracting the firmware. Now, if you look at the GreenIQ, which is the white one in the picture, if you take a closer look you will see a Raspberry Pi. The guys from GreenIQ did not design their own microcontroller. They actually use a Raspberry Pi as their controller, and of course the firmware was uploaded to an SD card. So we actually took an SD card reader and extracted the firmware from there.
We didn't even have to think a lot; they actually helped us get the firmware out of the product's microcontroller. Regarding the RainMachine, we actually downloaded the firmware using a UART connector to a USB cable, and this is the way that we used in order to extract the firmware off the RainMachine. The RainMachine is the one that you can see in picture A, the picture on the top left. And we also used some network analysis. We connected them to a router and we captured their network traffic, I would say for three weeks, something like this. And we analyzed their traffic using Wireshark, and we actually connected all three of them. So we have two firmwares, of the RainMachine and the GreenIQ, and the entire network behavior of all of them.

Okay, the next set of attacks that I will present to you are called spoofing attacks. We actually changed the inputs that are going to the smart irrigation system and observed what happened because of our change. The purpose of these attacks is to change the input of the smart irrigation system in order to water according to the attacker's wishes, and the execution of the attacks is by performing man-in-the-middle attacks using session hijacking from a bot running on a compromised device that is connected to the same LAN as the smart irrigation system.

Okay, now the first attack that I'm going to present actually shows how you can spoof the smart irrigation system's configuration. A dedicated cloud server is used to provide C&C communication between a device, a C&C device, a user on one end, and the GreenIQ on the other. Bear in mind that the user can be anywhere around the world, and he needs to communicate with his own smart irrigation system that is connected to his home LAN, and the dedicated cloud server actually mediates, or serves as a proxy, between the user and the smart irrigation system.
So a session between the GreenIQ and the cloud server is initiated every minute in order to check whether the user sent any updates regarding watering plans and things like this. One interesting thing is that the entire protocol, the entire interface between the smart irrigation system and the cloud server, is actually based on the HTTP protocol, which is pretty funny.

Okay, now let's discuss the vulnerability and introduce their entire protocol, and I will describe and demonstrate to you later how the GreenIQ can be attacked. So, the session between the GreenIQ and the cloud server: before the session there is a C&C device which is operated by the user, let's say from anywhere around the world; it does not specifically have to be connected to his home LAN. It can be operated via the internet. And the GreenIQ, from the other end, actually initiates a DNS request to a DNS server to find the greeniq.net address; greeniq.net is actually its cloud server. This is followed by a DNS response that is sent from the DNS server. Now, after the GreenIQ has received the address of its cloud server, it actually initiates an HTTP request which is called ping-to-cloud. The ping-to-cloud request is followed by an HTTP response which is sent from the cloud server and contains a timestamp. The timestamp is the timestamp of the last time that the user updated the watering plan from anywhere around the world. And stages five and six are actually optional, and we'll discuss them a few slides from now.

Okay, now let's focus on stages three and four. An HTTP request is sent from the GreenIQ to the cloud server. The GreenIQ sends a ping every minute with its device ID. You can see it on the left side. This is the device ID. This was extracted from the payload of the packet that is sent from the GreenIQ to the cloud server. This is then followed by the response. The server sends the timestamp of the last time the watering plan was updated by the user.
And you can see the timestamp over here on the right side. It's basically a number which describes the last time that the watering plan was updated. Okay, it is all actually sent over the HTTP protocol. Now, this was extracted from the firmware of the GreenIQ. Take a look at the response, which is called new config, in stage number four, that is returned to the GreenIQ. Now, if the new config is actually greater, that is, the timestamp of the new config, the last time that the user sent an update of the watering plan, is greater than the one that is stored in the memory of the GreenIQ, then stages five and six are actually initiated and launched. A new HTTP request, which is called the config XML request, is sent to the cloud server in order to obtain the new watering plan and the new configuration that was updated by the user.

Now let's focus on stages five and six. An HTTP request is sent from the GreenIQ to the cloud server, which is followed by a response of an XML file. This is the XML file, by the way, on the right side. You can see that it contains details such as when to water, for how much time to water, and other things that are important in order to initiate the watering at the time that the user defined. And this is it. Okay, this is a focus on the returned XML file, which is the HTTP response. As I said, it contains the entire configuration, when to water, and the entire watering plans that the user set up.

Now, as I said earlier, this is all done using HTTP requests. So hijacking the entire session is actually pretty easy. You can apply some ARP spoofing in order to hijack the session, and you can use a fake GreenIQ cloud server that will respond instead of the real GreenIQ cloud server.
And when a request, an HTTP request for the last user update, is initiated, the server will respond with the current timestamp, which is probably greater than the last time that is stored in the GreenIQ memory. And it will then be followed by another request to obtain the new watering plan, which can be followed by a response sent from the GreenIQ server to the GreenIQ with a fake watering plan, as the attacker wishes. And let me show you the demonstration of what would happen if you actually do it. Now, this is where you see the GreenIQ on the right, and this is the GreenIQ application. There is no watering plan scheduled at all, and we apply the attack that I just presented, and look what happened: you can just initiate watering as you wish. Okay? Okay, let's continue.

Okay, so you might ask yourself what will happen if, instead of returning the current time, the current timestamp, you return a response with a timestamp that is actually 10 years from now, and then send a fake watering plan that, let's say, initiates watering all day long for the whole week. So actually, if you look at the firmware code on the left side, if you send a response, and you can see it on the arrow in four, a response with, let's say, a future timestamp, it's actually going to cause the GreenIQ to ignore any legitimate C&C command that will be initiated by the user. Now, combining this with, let's say, watering all day long: in order to stop the watering all day long, the user will not be able to use his application to stop the watering. So what he will actually have to do is physically disconnect the GreenIQ from the network in order to stop such an attack. So it's actually a permanent denial of service of the GreenIQ that requires the user to physically disconnect the smart irrigation system in order to stop it from watering his yard.
Okay, the second spoofing attack that we are about to present to you is actually spoofing the weather forecast. Now, a smart irrigation system such as the one that is presented here, which is the RainMachine, automatically adapts its watering plan according to the weather forecast obtained from weather forecast services. It was actually designed to save water, and you can think about rainy days: no watering is actually needed. So smart irrigation systems know, and are programmed, to prevent watering on, let's say, rainy days, and they are also programmed to compensate for the lack of water on dry days. So actually, every six hours a weather forecast request is sent to the weather forecast server, and using the weather forecast that is returned, the smart irrigation system adapts its watering plan automatically.

Okay, so there are several weather forecast services that provide the HTTP protocol to them and not HTTPS. One of them was the Norwegian Meteorological Institute, which is called Metno. However, six months ago, something like this, they upgraded the protocol to HTTPS. However, you can find many other weather forecast services that are still using the HTTP protocol instead of HTTPS, and apply the attack that I'm about to show you.

So let's focus on the vulnerability. The RainMachine actually initiates a DNS request for the weather forecast service that is configured in its memory, which is followed by a DNS response sent from the DNS server. Afterwards, a request for the weather forecast is initiated by the RainMachine. It includes the latitude and longitude that were defined by the user, the latitude and the longitude of the specific location of the smart irrigation system.
And this is then followed by a response, which is the weekly weather forecast, and the RainMachine automatically adapts its watering plan according to the weather forecast, in order to save water and to compensate for the lack of water in order to water your garden, your yard. And this is how it looks. A request is sent from the RainMachine to Metno which includes the GPS coordinates of the location of the RainMachine. And it's followed by an HTTP response, which is a weekly weather forecast, and this is how it looks. It actually contains temperature, wind direction, humidity, wind speed and other things that are actually important to the smart irrigation system in order to adapt its watering plan. And this is actually sent at, let's say, hourly resolution. So this is it. Now, by the way, it is initiated every six hours, so there are four HTTP requests such as this that are initiated by the RainMachine.

Now we asked ourselves how we can exploit such a protocol that is based on the HTTP protocol, and there are two ways that we found to spoof the input to the smart irrigation system. One of them is to spoof the request location: you can think about, instead of sending the true location of the smart irrigation system, sending a location that appears as if it is the most arid place on earth, and this will actually result in a response with a weather forecast with dry humidity, which will require the smart irrigation system to adapt itself to water because of the lack of rain that it understands from the weather forecast that is sent. Another way is just to spoof the response and just change the values of the weather forecast that is sent. Let me show you: in the first one I show you ways to change the GPS coordinates, the request, and in the other, ways to change the values that are received by the smart irrigation system.
I have a demonstration to show you. So this is my cat, by the way. What you are about to see is that the smart irrigation system is configured to London during winter, and you will see that no watering is actually needed in order to water your garden. Take a look at the weather forecast that is received by the smart irrigation system. It starts from minus one up to six Celsius, and you see the zero percent; zero percent is the amount of water that is required in order to water your garden, since it's a rainy day, no water is actually required. However, after applying our attack you will see, in a minute, values that don't make any sense. Okay, this is the smart irrigation system after we applied the attack. You can see values that range from zero to fifty. The smart irrigation system understood that it is considered a very dry weather forecast, so it actually adapted its watering plan. As you can see, fifty-three percent and one hundred percent. So when the attacker applies such an attack, he actually manages to cause the smart irrigation system to obtain water when it actually does not need to obtain it.

Okay, so these two attacks were spoofing attacks, and now I'm about to show you two replay attacks. Also in this case, the purpose is to exploit a legitimate human-machine interface for C&C, for command and control communication, as a means of attacking the smart irrigation system in order to water according to the attacker's wish, and the execution is also done from a bot running on a compromised device that is connected to the same LAN as the smart irrigation system. And the first vulnerability that we found is actually in the BlueSpray. The BlueSpray is the one on the left, the picture on the left. It provides HMI communication using a dedicated web interface that is based on the HTTP protocol, and it provides it to devices that are connected to its LAN.
Now, it allows the user to schedule watering plans; however, no encryption or authentication is applied, so this is even easier than before. This is, by the way, the format of how a scheduling watering request is initiated. You can see the start date and how much time you want to water and other things, so it's actually very easy even to understand how to attack it and how to schedule an unnecessary watering plan. Let me show you the demo of applying such an attack. Okay, so what you're seeing here, this is the original watering plan that was configured. There are no watering plans at all, and I wrote a simple Python code that actually initiates watering using HTTP requests, and this is where we actually apply it. Now let me show you the result of executing this code. This is the exact web interface that we talked of. Now, when you look at the watering plans, they are actually all day long for the entire week, so this was initiated using only simple HTTP requests.

Another interesting attack that we thought of; let me present the vulnerability. We actually extracted the code from the GreenIQ. As we mentioned earlier, they actually used a Raspberry Pi, so we extracted the firmware very easily, and we analyzed the code and found the following code lines. You can see the state GPIO function, and its execution operates the master valve: it actually opens the valve so water will actually flow outside. And this is in line 428: you can see the execution of state GPIO and the specific valve that is being operated, and we actually asked ourselves how we can use it in order to initiate watering. So by assuming one of the following, either the SSH password is too weak or it has been leaked, or the smart irrigation system itself is compromised, then you can apply such an attack: you can open a secure shell terminal and just open the valve using the code that I just presented to you, the code that was in line 428, and this is the demo that shows you.
Okay, take a look at the following video. You can see the GreenIQ and how we are playing with opening the valve and closing the valve every 10 seconds. This is where it stops for 10 seconds, and afterwards it is initiated again. Now you can see the watering actually starts again. And we applied it using SSH communication from another compromised device that was connected to the same local area network as the GreenIQ.

Okay, so after you know how to actually initiate watering as you wish, and at the times that you wish to water, you can also imagine what would happen if an attacker managed to use a botnet of smart irrigation systems. So, you know, botnets today can be rented on the dark web, so they are pretty easy to find in the wild; you can find them on the internet. You do not actually have to infect smart irrigation systems; you can rent a botnet and check whether a smart irrigation system is connected to the LAN of the compromised device where the bot is running. And you can think about using a C&C model, a botnet of smart irrigation systems, and initiating watering from many smart irrigation systems simultaneously. We asked ourselves what would happen if an attacker managed to control a botnet of smart irrigation systems using a C&C server, and we analyzed the damage. The typical sprinkler water flow, this is actually the Falcon, taken from the Falcon's specs, is between 0.66 and 4.93 cubic meters per hour, so let's say on average it's 2.795 cubic meters per hour. What is the damage when the attack is performed using a botnet of smart irrigation systems that are triggered to water simultaneously? Now, this is actually pretty interesting: you need a botnet of 1,300 sprinklers, and you need to operate them for a single hour, in order to empty a typical water tower, whose capacity is around 387 cubic meters. And if you're thinking
about how you can empty a fluid water reservoir, this is where you need a bigger botnet, let's say about 23 thousand, and you need to operate them for six hours during the night in order to empty a fluid water reservoir, whose capacity is around 404k cubic meters. So it's actually, let's say, a pretty dangerous attack: the attacker can actually harm an entire city, and even a nation, if he manages to infect many smart irrigation systems. And this is pretty interesting, because this generation of IoT devices is actually being used by consumers to regulate resources such as water that are obtained from critical infrastructure.

Now, traditional attacks against critical infrastructure require the attackers to somehow infect the critical infrastructure itself. They mostly use supply chain attacks, or they use, let's say, insiders to infect critical infrastructure systems. This kind of attack is actually an indirect attack, and it's much easier to deploy. The reason that it is much easier to deploy is that when you consider critical infrastructure, they actually use IDS and IPS, intrusion detection systems and prevention systems, to prevent attackers from attacking their systems. However, as you can see, this attack is actually indirect: it is much easier to attack the weakest link in the interface between the IoT device and the critical infrastructure instead of attacking the critical infrastructure itself. So this was actually the entire idea behind this attack: how you can manage to attack critical infrastructure indirectly.

One last thing, regarding ethics. We actually provided full ethical disclosure to each one of the smart irrigation system manufacturers that I showed you. GreenIQ actually thanked us, and they decided to apply HTTPS communication, so I think that you will not be able to apply our attacks, and they are now well aware of their vulnerabilities. They also decided to close the SSH port in the firmware, so they actually prevent the attack of running
Python code to initiate watering. RainMachine and BlueSpray engineers contacted us, and we actually provided them the entire necessary information in order to patch the firmware; however, they did not tell us whether they patched their vulnerabilities, so I'm not sure whether you can apply our attacks or not. I think, from my experience with this kind of manufacturer, they probably did not patch their products yet, and they probably have some better things to do. This is it. Any questions? Okay, thank you very much.
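The update check the talk describes (a device polls its cloud every minute, receives a "last user update" timestamp over plain HTTP, and fetches a new plan whenever that timestamp is greater than the one it stores) is simple enough to model, and modelling it shows exactly why a future-dated timestamp freezes the device. The following is an added example written for this transcript; it is not GreenIQ firmware or any vendor's code, and only the comparison logic comes from the speaker's description. The shared key, the five-minute clock-skew bound, the constructed "device clock", and the plan format are assumptions. It puts the unauthenticated logic beside a hardened variant that verifies an HMAC over timestamp and plan and rejects timestamps implausibly ahead of the device's own clock, which is the check that stops the "ten years from now" freeze even if an on-path host can still answer the request.

```python
import hashlib
import hmac
import json
import time

# All values below are constructed for the demonstration; none come from the products.
DEMO_KEY = b"constructed-demo-key"   # assumption: a per-device secret provisioned at manufacture
MAX_FUTURE_SKEW = 300                # assumption: seconds a server timestamp may lead the device clock
TEN_YEARS = 10 * 365 * 24 * 3600
DEMO_NOW = 1_700_000_000             # constructed "device clock" so the run is reproducible
WATER_ALL_WEEK = {"zones": [1, 2, 3], "schedule": "daily 00:00-23:59"}   # constructed plans
NORMAL_PLAN = {"zones": [1], "schedule": "Mon,Thu 06:00-06:20"}


class NaiveController:
    """Update check as described in the talk: the device remembers the timestamp
    of the last plan it applied and fetches a new plan whenever the cloud's
    'last user update' timestamp is greater. Nothing is authenticated, so
    whoever answers the HTTP request controls both the timestamp and the plan."""

    def __init__(self):
        self.last_update = 0
        self.plan = None

    def on_ping_response(self, response):
        if response["ts"] > self.last_update:
            self.last_update = response["ts"]
            self.plan = response["plan"]
            return True   # plan replaced
        return False      # treated as stale and ignored


def sign_response(ts, plan, key=DEMO_KEY):
    """Cloud side of the hardened design: one MAC over timestamp and plan
    together, so an on-path host can change neither without the key."""
    body = json.dumps({"ts": ts, "plan": plan}, sort_keys=True).encode()
    return {"ts": ts, "plan": plan,
            "mac": hmac.new(key, body, hashlib.sha256).hexdigest()}


class HardenedController(NaiveController):
    """Same state machine, but a response is applied only if its MAC verifies
    and its timestamp is not implausibly far ahead of the device clock. The
    skew bound is what closes the 'timestamp ten years from now' freeze."""

    def __init__(self, key=DEMO_KEY, now=time.time):
        super().__init__()
        self.key = key
        self.now = now

    def on_ping_response(self, response):
        expected = sign_response(response["ts"], response["plan"], self.key)["mac"]
        if not hmac.compare_digest(expected, response.get("mac", "")):
            return False                       # forged or tampered response
        if response["ts"] > self.now() + MAX_FUTURE_SKEW:
            return False                       # future-dated timestamp
        return super().on_ping_response(response)


def simulate(controller, now=DEMO_NOW):
    """Replay the sequence from the talk: a spoofed response carrying a
    far-future timestamp and an all-week plan, then the real cloud's update
    a minute later. Returns what the device did and the plan it ended with."""
    spoofed = {"ts": now + TEN_YEARS, "plan": WATER_ALL_WEEK, "mac": "0" * 64}  # attacker has no key
    legit = sign_response(now + 60, NORMAL_PLAN)
    return {"applied_spoof": controller.on_ping_response(spoofed),
            "applied_legit": controller.on_ping_response(legit),
            "final_plan": controller.plan}


if __name__ == "__main__":
    print("naive:   ", simulate(NaiveController()))
    print("hardened:", simulate(HardenedController(now=lambda: DEMO_NOW)))
```

Running it shows the naive controller accepting the spoofed plan and then discarding the genuine update a minute later, which is the permanent denial of service the speaker describes, while the hardened controller rejects the forgery and applies the real plan. TLS to the cloud (what the speaker reports GreenIQ moved to) removes the on-path attacker entirely; the MAC and skew check are the defence-in-depth for a device that must also tolerate a compromised LAN or a stale clock.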