DoDIIS 2017- Teddy Bear Hacking with 11/ yo Cyber Prodigy Reuben Paul
Summary
TLDRAt the Defense Intelligence Agency's conference, 11-year-old Reuben Paul demonstrated hacking a teddy bear to turn it into an eavesdropping device, highlighting the reality of cybersecurity threats from simple electronic devices. Reuben, a cyber expert and CEO of a nonprofit, showcased his skills and emphasized the need for awareness and adaptability in the digital world.
Takeaways
- 🌐 The Defense Intelligence Agency's (DIA) conference focused on cybersecurity, highlighting the evolving nature of threats in the digital age.
- 👶 Reuben Paul, an 11-year-old cyber expert, demonstrated how a teddy bear could be hacked to become an eavesdropping device, emphasizing that threats can come from unexpected sources.
- 🔍 Janice Glover Jones, the DIA's Chief Information Officer, emphasized the need to challenge preconceived notions about who poses a threat to our networks and digital infrastructure.
- 👦 Reuben's story began at age six when he started learning about cybersecurity from his father, showing that expertise can be developed at a young age.
- 💻 Reuben used a Raspberry Pi and a computer terminal to hack into the teddy bear, demonstrating the simplicity of tools that can be used for such purposes.
- 🐻 The teddy bear, named Bob, was hacked to control its LED and audio functions, showing how everyday objects can be manipulated for malicious intent.
- 📱 Reuben showed how he could connect to Bluetooth devices like Fitbit or Apple Watch, illustrating the vulnerability of common smart devices.
- 🔊 The teddy bear was used to record conversations, demonstrating the potential for devices to be used as surveillance tools.
- 🚨 Reuben discussed the potential for nefarious actors to use such devices to eavesdrop on sensitive conversations or even interfere with medical devices like pacemakers.
- 👩💼 Alicia Webb, the host, thanked Reuben for his demonstration, acknowledging the importance of understanding the ease with which devices can be compromised.
Q & A
What was the main focus of the Defense Intelligence Agency's conference in St. Louis?
-The main focus of the conference was cybersecurity.
Who hosted the conference and what is their role?
-The conference was hosted by Janice Glover Jones, the Chief Information Officer of the Defense Intelligence Agency.
Why did Janice Glover Jones bring eleven-year-old Reuben Paul on stage during her opening remarks?
-Janice Glover Jones brought Reuben Paul on stage to demonstrate the potential of young individuals to understand and exploit cybersecurity vulnerabilities, as he was able to hack a teddy bear to turn it into an eavesdropping device.
What is the significance of Reuben Paul's demonstration with the teddy bear?
-The demonstration signifies that even simple electronic devices, like toys, can be weaponized for cyber espionage and that cybersecurity threats can come from unexpected sources, including young individuals.
What is the name of Reuben Paul's nonprofit organization?
-Reuben Paul's nonprofit organization is called Cyber Shaolin.
How did Reuben Paul learn about cybersecurity?
-Reuben Paul learned about cybersecurity from his father, who trained people on the subject. He started teaching Reuben more advanced topics after realizing his potential for learning cybersecurity during a business call.
What is the name of the teddy bear that Reuben Paul hacked?
-The teddy bear's name is Bob.
How did Reuben Paul demonstrate the hacking of Bob the teddy bear?
-Reuben Paul used a Raspberry Pi to connect to Bob, scanned for the teddy bear's Bluetooth device, and then interacted with its services and characteristics to control the LED and audio recording functions.
What are some of the potential malicious uses of a hacked smart toy like Bob?
-A hacked smart toy could be used to eavesdrop on conversations, record sensitive information, or even interact with other Bluetooth-enabled devices to cause harm, such as turning off a pacemaker.
What is the broader message conveyed by Reuben Paul's presentation?
-The broader message is that cybersecurity threats are diverse and can come from any age group, emphasizing the need for constant vigilance and adaptation to new realities in the digital world.
Outlines
🐻 Hacking a Teddy Bear for Eavesdropping
In this segment, Alicia Webb from Secret Ninja TV introduces the audience to a cybersecurity conference hosted by the Defense Intelligence Agency's Chief Information Officer, Janice Glover Jones. The conference's highlight was an 11-year-old named Reuben Paul, who demonstrated how to hack a teddy bear to use it as an eavesdropping device. Reuben, who is also a CEO of a cyber nonprofit and a self-taught cyber expert, showcased his skills by hacking a teddy bear named Bob using a Raspberry Pi and a computer terminal. He explained the process of connecting to the bear's Bluetooth services and manipulating its characteristics to control an LED and record audio, which could potentially be used for malicious purposes. The demonstration emphasized the importance of recognizing the potential threats posed by seemingly innocent devices and the need to adapt to the evolving landscape of cybersecurity.
🔍 Demonstrating IoT Vulnerabilities with Bob the Teddy Bear
In the second paragraph, Reuben continues his demonstration by showing how to exploit the teddy bear's Bluetooth capabilities for nefarious purposes. He describes the process of connecting to Bob's services and using Python to interact with the device's characteristics. Reuben uses handle 27 to control the LED light, making the heart LED on Bob flash, and then uses handle 12 to send commands, and handles 08 and 02 to record and play back audio. This part of the presentation illustrates the potential for a cyber actor to eavesdrop on conversations or even cause physical harm by hacking into medical devices like pacemakers. The segment concludes with a reminder of the serious implications of IoT device vulnerabilities and the importance of cybersecurity awareness, as Reuben successfully records and plays back a conversation with Bob, proving the concept in a live setting.
Mindmap
Keywords
💡Cybersecurity
💡Eavesdropping Device
💡Hacking
💡Smart Toys
💡Bluetooth Low Energy (BLE)
💡Raspberry Pi
💡Python
💡IoT (Internet of Things)
💡Vulnerabilities
💡Cyber Actors
💡Over-the-Air (OTA) Updates
Highlights
Alicia Webb, from Secret Ninja TV, attended the Defense Intelligence Agency's worldwide conference focusing on cybersecurity.
Janice Glover Jones, the Chief Information Officer of the DIa, hosted the conference and emphasized the evolving nature of cybersecurity threats.
Eleven-year-old Reuben Paul demonstrated hacking a teddy bear to turn it into an eavesdropping device.
The presentation highlighted the need to challenge preconceived notions about who poses a threat to networks and digital infrastructure.
Sophisticated hackers can use simple electronic devices to gain access to sensitive data.
Young children have discovered vulnerabilities in video game systems and mobile games, indicating that cyber threats can come from any age.
Reuben Paul, at age 11, is the CEO of a cyber nonprofit and a recognized cyber expert.
Reuben's interest in cybersecurity began at the age of six when he started learning from his father.
He founded the nonprofit organization 'Cyber Shaolin' to simplify advanced cybersecurity topics for everyone.
Reuben used a Raspberry Pi and terminal commands to hack the teddy bear, named Bob, demonstrating the process in real-time.
The hacking process involved scanning for devices, connecting to services, and manipulating characteristics to control the teddy bear.
Reuben showed how to make the teddy bear's LED light flash and play audio, indicating its potential as an eavesdropping device.
He also demonstrated how to record audio on the teddy bear without anyone knowing, raising concerns about privacy and security.
The potential misuse of such devices could include recording confidential conversations or even interfering with medical devices like pacemakers.
The presentation concluded with a live demonstration of hacking and recording a conversation with the teddy bear, Bob.
The audience was left with a clear understanding of the ease with which everyday objects can be weaponized in the digital age.
Alicia Webb encouraged viewers to subscribe for more cybersecurity insights and to share their own experiences with IoT devices.
Transcripts
are you ready to weaponize a teddy bear
secure ninja hi everyone I'm Alicia web
secret ninja TV was recently in st.
Louis for the Defense Intelligence
Agency's dota s-- worldwide conference
and not surprisingly the focus of this
year's event was cybersecurity the
conference was hosted by DI a's chief
information officer janice Glover Jones
in her opening remarks she brought on
the stage eleven-year-old Reuben Paul
who was able to hack a stuffed teddy
bear
to turn it into an eavesdropping device
now let's take a look at the
presentation and if you're anything like
us you're really going to enjoy this it
is imperative that we shed our
preconceived notions of who poses a
threat to our networks and our digital
infrastructure today's sophisticated
hackers use simple electronic devices
like remote-control cars or other smart
toys to gain access to our most
sensitive data skilled cyber actors
don't need to spend years or decades
honing or refining their craft to
inflict severe damage for example a
five-year-old recently found a flaw in
an Xbox video game system that allowed
him to hack into his father's account in
a ten-year-old discovered a new class of
bugs in a mobile game allowing her to
manipulate the results while these might
not sound like dire threats to national
security
they should be instructive to the
digital world we now inhabit malicious
cyber actors can come in any shape and
size and we must adapt to this new
reality I would like to introduce to you
someone who personifies this
technological information and represents
the sophistication of cyber actors he is
the CEO of a cyber nonprofit as well as
a cyber expert all at the age of 11
please welcome Ruben Paul
good morning Reuben hey where's Bob why
don't you go ahead and get started so
Reuben will find Bob that's got lost 11
years old you're the CEO of a company
you consider yourself a cyber expert and
then you do gymnastics yes all at the
age of 11 how did you get here well
before I answer your question I just
wanted to say a big thank you I want to
thank my God Jesus Christ for the gifts
he has given me and giving me this
opportunity
I want to thank you miss Glover Jones
for letting me share the stage today and
I want to thank all the people who are
serving today and all the people who
have served the veterans and all the
attorneys here and I hope one day to
serve our nation just like you on the
cyber wall
now back to your question it all began
when I was about six years old and my
dad used to train people on
cybersecurity so I used to listen in and
learn about basic security topics and
one day when he goes on a business call
he forgot the word firewall so I
prompted him from the back and he
realized I had a potential for learning
cybersecurity so he started teaching me
more advanced topics like hacking phones
and windows and IOT devices so I started
learning and I had to I was simplifying
advanced topics down so that anyone
could understand them and that's how I
came up with cyber Shaolin my nonprofit
organization a nonprofit organization so
tell us about Bob who's Bob
so this chair is Bob meet Bob so Bob is
a pair of breeches a silver of breeches
that's why I named him Bob he got
something to say huh yeah he has a
little message for us I just wanted to
say hi how are you doing I'm really
excited to be here today
thanks for the opportunity so what do
you use Bob for most people sleep with
teddy bears well but I gathered that
you're not most people well I'm going to
hack into Bob you're gonna hack into Bob
yes okay you're gonna show us what you
got yes okay so I basically have a
Raspberry Pi at any computer I'm
connecting through it I'm connecting to
it using terminal and just on my Mac and
I'm gonna use and I'm just gonna scan
for my dog so here you know Wow
oh let me turn my phone off happy
[Applause]
that is a lot of things I see someone's
Fitbit charge HR sex someone's device
like an Apple watch oh there's Bob let's
see him it's at cloud FETs now you make
sure it's Bob yes and not general
Stuart's phone okay okay I need my job
so if you're trying to turn off your
Bluetooth devices it's too late so I'm
just going to connect to the ver
interactively and once I do that I'm
going to see these services so the first
two are for our on Bluetooth specs and
it's basically for interactive
interactively connecting between the
bear and the device the last one is for
over-the-air updates and this one is
specific to the manufacturer so what I'm
going to do is I'm just going to in each
of these services there is
characteristics properties that you can
use so I'm basically just going to
describe the characteristics so once I
get this characteristics I see that the
I went through each one and there's a
specific one handle 27 but I'm gonna
actually read handle 28 because that's
the description for the handle so when I
do it I'm gonna do character - read
handle 28 and we get these three or
these these numbers that's a hex so I'm
just gonna go into Python and put that
in a nun exit how did you learn Python
I've been taking I have a book at home
Python for kids self-taught okay yeah so
I have LED so handle 27 controls the LED
so basically I'm just going to write to
that handle and I'm gonna write handle
to handle 2701 so as you see on Bob the
LED
little heart LED will flash Wow so I'm
gonna turn that off and who just wants
to see a light turn on I'm gonna make
some audio play so I went through each
one of these and I found that handle 12
is for commands sending commands to the
bear and 0 8 is for audio and then 0 2
is for a record and it records to slot 1
automatically there are few different
slots but it what's the saw one so when
I enter this command Bob is gonna record
everything I say and nobody's gonna know
it so once I enter it miss clover Jones
it's gonna ask me a question or ask Bob
a question I'm gonna answer it for Bob
and then you guys are gonna screen
notice is awesome ok 3 2 1 hey Bob have
you just been hacked yes I was so I just
turned it off and to play it back I'm
going to t zero eight zero one and I'm
gonna play back on slot 1
[Applause]
[Music]
so if you were a nefarious cyber actor
what could you do with Bob or any other
smart tooth enabled device so I could
act theoretically stand out any
government Institute base and then
connect to a Bluetooth low-energy device
like a Fitbit or an Apple watch or
something like that and then I could
record secretive conversations or if I
was or I could stand out a doctor
outside a doctor's office and connect to
a heart pacemaker and turned it off
making some causing some serious damage
so ladies and gentlemen what we just
witnessed is in about five minutes
Rubin here was able to hack into Bob and
record our conversations this is the
reality of what we live in and we want
to say thank you Rubin for coming and
sharing with us how easy this is Wow
Reubens not just a talented hacker he's
a true communicator we're pretty sure
he's going to have a nice long career
thanks for watching guys be sure to
subscribe to the channel so you don't
miss anything that we filmed at DotA's
2017 leave us a comment below and let us
know if you have any toys or IOT devices
yourself we'd love to hear about it I'm
Alicia Webb and I'll see you next week
bye
Weitere ähnliche Videos ansehen
"Hack ANY Cell Phone" - Hacker Shows How Easy It Is To Hack Your Cell Phone
I-Witness: 'Hacker', dokumentaryo ni Sandra Aguinaldo | Full episode
¿Cual es el SO de Movil más seguro? Android vs iOS
Introduction - Part 01 - Prof. Saji K Mathew
OpenText’s Paul Reid on Preventing Next Generation Cyberthreats
Top 10 Cyberattacks: How to protect yourself
5.0 / 5 (0 votes)