About

Organized by security consulting and research firm Independent Security Evaluators (ISE), IoT Village delivers advocacy for and expertise on security advancements in Internet of Things devices. IoT Village hosts talks by expert security researchers who dissect real-world exploits and vulnerabilities and hacking contests consisting of off-the-shelf IoT devices.

IoT Village's contests are brought to you by SOHOpelessly Broken™, the first-ever router hacking contest at DEF CON. The ISE research that inspired the SOHOpelessly Broken™ contests delivered 56 CVEs to the infosec community. Over the years at DEF CON, IoT Village has served as the platform to showcase and uncover 278 new vulnerabilities in connected devices.

Follow both ISE (@ISEsecurity) and IoT Village (@IoTvillage) on Twitter for updates on talks, contests, and giveaways.

Want to help, get updates or just show your interest?

Get Involved


IoT [VIRTUAL] VILLAGE

IoT Virtual Village, occurring over 3 days from May 28-30, will offer the same high-quality content like hands-on labs, contests, and presentations that you would find at a physical IoT Village event and with similar access to discussions and networking opportunities. We will host two evenings of talks May 28-29, and an all-day IoT CTF May 30.

The event will also feature the launch of online IoT hacking labs! There will be chat rooms for all the topics, labs, and talks, which will provide attendees with a unique opportunity to have in-depth discussions with their peers and professionals right from the comforts of their own home. Join us for a virtual social hour that will allow those discussions to continue in an even more relaxed setting.

Follow both IoT Village (@IoTvillage) and Village ID/IOT Labs (@VillageIDIOTLab) on Twitter for updates on talks, contests, and giveaways.


Friday, May 29th, 2020

Time (EDT/GMT-4) Topic Presenter
6:00 pm - 6:45 pm Effects of IoT on corporate security during work from home Panel
6:50 pm - 7:35 pm Emulating IoT Malware and Firmware with Docker+QEMU Ilya @drablyechos
7:40 pm - 8:05 pm SCADA/ICS Inherited Insecurity: From Nuclear Power Plants to Oil Rigs Aleksander Gorkowienko
8:10 pm - 8:35 pm The Great Hotel Hack: Adventures in Attacking Hospitality Industry Etizaz Mohsin @aitezazmohsin
8:40 pm - 9:05 pm Power Line Communication Security on Smart Meters Fatih Kayran @kayranfatih
9:10 pm - 9:50 pm SYNwall - A Zero-configuration (IoT) Firewall Cesare Pizzi @red5heep
6:00 pm - 10:00 pm IoT Hands-on labs

Saturday, May 30th, 2020

Time (EDT/GMT-4) Topic Presenter
10:00 am - 5:00 pm IoT (soho) CTF IoT Village <3 join the discord
10:00 am - 5:00 pm IoT Hands-on labs Village Idiot Labs
1:00 pm - 5:00 pm THREAT SIMS CTF Threat Simulations
Sign Up Here!



CFP

We at IoT Village want you to join us for our online conference, so submit a talk now! All talks related to IoT security issues are welcome, with special emphasis on any of the following topics:

  • Internet of Vulns - Have some new research to share or an exciting story about a vuln? Found an interesting new attack method or a new class of vulnerability? Or perhaps you’ve dug into an IoT botnet and have discovered secrets you want to share! If it’s research, and it’s related to IoT, we want to hear about it.

  • Internet of Tools - Working on a new hacking tool or app that helps find novel vulnerabilities in IoT?

  • Leadership in IoT - What do C-levels, supervisors, and captains of industry need to know about security? How can leaders better educate themselves and their staff on IoT security? What are leaders in the field looking for from researchers? How can you become a leader in this field?

Ideas for Talk Formats: slide decks, hacking walkthroughs, demos, tutorials, be creative!
We are accepting 20 minute and 45 minute talks.

We encourage coordinated disclosure.

Closed


DEADLINE May 18th, 2020Closed



CFM

The IoT Village is looking for makers in the community to showcase their inventory at our first virtual conference happening May 28-30! We want to give back during this difficult time and embrace your do-it-yourself (or together!) attitude. If this sounds interesting, submit a link to your online shop, and you will have access to our online platform during the event dates where you will be showcased along with your peers in our “Virtual Maker Hall”. Conference attendees will be able to visit the maker hall channel and shop around. We encourage anyone that wants to be a part of this new idea to promote your involvement with this event to attract the maximum amount of foot traffic.

We are also looking to commission a few IoT Village branded, unique items. So submit those examples or designs of items like pins, stickers, hats, face masks, etc. Whatever it is that you specialize in, WE WANT TO SEE IT! You have until 17 May 2020 at 11:59 pm ET, to submit your online shop/designs/ideas via this Google Form



DEADLINE May 18th, 2020Closed



T-Shirt/Logo Contest

Have a favorite T-shirt? Love IoT Village? Love Hacking? Why not come up with an amazingly unique and creative design and have us put it on T-shirts for the world to see and own!

We're calling on all designers/hackers/creators/meme-makers to design the next generation of IoT Village T-shirts that will be made available at future events (virtual for the time being). These are more than just T-shirts; they capture the essence of who we are and reflect the spirit of our community.

We want to give back as much as we can right now, so proceeds from the winning T-shirt design sales will be donated to a local food bank in the winner’s name. *Purchase has to be made between May 21st-June 4th to be eligible for the charity donation.*


Here's How It Works:

  • You have until 17 May 2020 at 11:59 pm ET, to submit your creative ideas via this Google Form
  • Limit of one design per person.
  • Provide us a mockup of your shirt design.
  • If you want to use our logo in the design let us know.

Picking a Winner

We will do an initial review of all submissions and choose the best three (3) finalists and put it to the community for a final vote during IoT [Virtual] Village!






DEADLINE May 18th, 2020Closed


Upcoming Event Schedule

= Village and/or Contest Appearances =

Event Activities Date
BSidesSF San Francisco, CA Labs February 23-24, 2020
RSAC San Francisco, CA IoT Sandbox February 26-27, 2020
Cyphercon 4.0 Milwaukee, WI Village CTF April 2-3, 2020
BSidesCharm Maryland Village CTF + Labs April 4-5, 2020
DEF CON 28 Las Vegas, NV Village Talks + Labs + Contests August 7-9, 2020
BSidesDC DC Village CTF + Labs October 16-18, 2020
HiTB CYBERWEEK Abu Dhabi, UAE Labs October 29-31, 2020
Texas Cyber Summit San Antonio, TX Village CTF + Labs October 29-31, 2020

Partner Schedule

Event Partner Date
BSides Vancouver Village Idiot Labs March 22 - 24, 2020
AtlSecCon Village Idiot Labs April 28 - 29, 2020
BSides Edmonton Village Idiot Labs September 17 - 18, 2020
Hackfest Village Idiot Labs November 13 - 14, 2019
BSides Ottawa Village Idiot Labs November TBA, 2020

Village Partner


  







IoT Village DEF CON 27 SCHEDULE!

Eldorado Ballroom in the Flamingo!
9th-11th Open from 9:30 AM!

= Presentations, Labs, Contests =


= Presentation | = Lab | = Contest

Friday, August 9th, 2019

Topic Presenter Time
A Security Researchers Guide into the Fitbit Ecosystem DanielAW, Jiska & Carolin 10:15 am - 11:00 am
SOHOpelessly Broken 2.0: Circumventing Security Controls in Network Accessible Services Rick Ramgattie @RRamgattie and Ian Sindermann @extantbogon 11:30 am - 12:00 pm
Secure Your Smart Home Again: In-Depth Security Assessment of Smart Thermostats Fragkiskos Koufogiannis, Sachdev Ritvik, & Christine Zhang 12:30 pm - 1:00 pm
A glorious celebration of IoT security Lee Brotherston @synackpse 12:30 pm - 1:00 pm
Regulatory Trends in IoT Security and impact on the research community Amit Elazari @amitelazari 1:15 pm - 2:00 pm
GAS THE RAMEN: Hacking the Unhackable Bitfi from John McAfee Ken Munro @thekenmunroshow
& Andrew Tierney @cybergibbons
2:15 pm - 3:00 pm
Privacy leaks in smart devices: Extracting data from used smart home devices Dennis Giese @dgi_de 3:15 pm - 4:00 pm
Next-gen IoT Botnets 3 - moar ownage Alex "Jay" Balan @jaymzu 4:15 pm - 5:00 pm

Saturday, August 10th, 2019

Topic Presenter Time
Hacking the Zyxel NAS 326 from the Perspective of a n00b Maxwell Dulin 10:15 am - 11:00 am
Mixing industrial protocols with web application security flaws in order to exploit OT devices in the internet Bertin Bervis @bertinjoseb 11:30 am - 12:00 pm
IoT Security and Manufacturers Panel with Q&A Jun Du - Zingbox,
Hagai Shapira - Securing Sam,
Ankur Chakraborty - Google Nest,
Ben Seri - Armis
12:15 pm - 1:00 pm
H(ACK)DMI: PWNING HDMI FOR FUN AND PROFIT Hyejin Jeong @moraeh23
& Jeonghoon Shin @singi21a
1:15 pm - 2:00 pm
Greenwaves and Ham Elvis Collado @b1ack0wl 2:15 pm - 3:00 pm
Get your next roadtrip for free! Long live the vulnerable EV charging points! M. Can Kurnaz @0x43414e 3:15 pm - 4:00 pm
Spy vs. Spy - who's watching who? Michael Raggo @mikeraggo
& Chet Hosmer @chethosmer
4:15 pm - 5:00 pm

Labs and Contests, August 9th-11th, 2019

Hacktivity Presented by Time
SOHOpelesslybroken IoT Village CTF ISE @ISEsecurity All CON
IoT Hacking 101 Village IDIOT Labs @VillageIDIOTLab All CON
ATM CTF Redballoon Security @redballoonsec
& @SoSogun3
& @TreyKeown
& @im_eningeer
All CON
Red Balloon Security & AFRL CTF Redballoon Security @redballoonsec
& @GriffissInst
& @AFResearchLab
All CON
Black Hills IoT Hacking Labs Rick Wisser @RJWisser
& Joe Lillo @joe_lillo
of Black Hills Information Security @BHinfoSecurity
All CON
Rapid7 IoT Hacking Labs Deral Heiland @Percent_X
& Carlota (Franz) Bindner of Rapid7 @rapid7
10am - 4pm Friday & Saturday
Live Bug Hunting Devices from manufactures in smart home tech, personal mobility, medical, and home appliances. All CON

DEF CON IoT Village CFP

We at IoT Village want you to join us at DEF CON 28, so submit a talk now! All talks related to IoT security issues are welcome, with special emphasis on any of the following topics:

  • Internet of Things - Show us how secure (or insecure) IP-enabled embedded systems are. Routers, network storage systems, cameras, HVAC systems, refrigerators, medical devices, smart cars, smart home technology, and TVs. If it is IP enabled, we're interested.

  • Vulnerabilities and Remediation - Show us the what 0-days, exploits, or vulnerabilities you’ve found in an IoT device and then how the security flaw can be fixed. It great to pull off a hack, but how do we fix it going forward.

  • Demonstrable Research - Present attacks that result in mechanical operation of the device's physical functionality. Can you make the device move, smoke, light up, emit sound, manipulate a screen readout, or any other visibly evident manifestation of the exploit?

  • Healthcare & IoT - Demonstrate or discuss how IoT devices are impacting the realm of healthcare, including but not limited to patient health and hospital security. Travel, Hospitality, and IoT - Analyze how IoT is impacting the travel & hospitality industry, guest safety, and the connected hotel room.

  • IoT Device Management – Discuss best practices for deploying and building security into IoT devices.

We encourage coordinated disclosure.

Submit Here


DEADLINE June 28th, 2020

Motivation

The so-called Internet of Things (IoT) is undergoing massive adoption. From locks and thermostats to televisions and refrigerators, many devices that have traditionally delivered analog functionality are rapidly gaining Wi-Fi connectivity and connecting to cloud-based, command-and-control centers for remote control and monitoring functionality. Some of these devices are built with security in mind, while others are simply analog devices with communication capabilities slapped on. The security and privacy implications introduced by any security vulnerabilities in these connected devices are tremendous.

To be at the forefront of addressing and minimizing these issues, we organized the first-ever IoT hacking village at DEF CON 23. That was a follow-up to the massively popular SOHOpelessly Broken™ router hacking contest, which debuted at DEF CON 22 and contributed 15 new 0-day discoveries to the research community, we hope to educate participants and the community about security vulnerabilities in these widely deployed devices and, in turn, shift toward better security in the IoT category.

Responsive image

Contests

= CTF Track =

A DEFCON 24 Black Badge ctf, players compete against one another by exploiting off-the-shelf IoT devices. These 15+ devices all have known vulnerabilities, but to successfully exploit these devices requires lateral thinking, knowledge of networking, and competency in exploit development. CTFs are a great experience to learn more about security and test your skills, so join up in a team (or even by yourself) and compete for fun and prizes! Exploit as many as you can over the weekend and the top three teams will be rewarded.

DETAILS





Get Connected





contact@ise.io

Sponsors


Title Sponsor



Season Sponsors





We put on multiple events throughout the year, and you can be part of them! We have thousands of attendees and always make a big splash. Focusing on brand exposure, community engagement, press, parties, and thought-leadership, we seek to provide a VIP-sponsorship experience for our partners. Email us at contact@ise.io to request a sponsorship pack and see how you can get involved.

= Organizer =