Ethical Hacking of an IoT-device:Threat Assessment andPenetration Testing

Sammanfattning: Abstract Internet of things (IoT) devices are becoming more prevalent.Due to a rapidly growing market of these appliances, impropersecurity measures lead to an expanding range of attacks. There isa devoir of testing and securing these devices to contribute to amore sustainable society. This thesis has evaluated the securityof an IoT-refrigerator by using ethical hacking, where a threatmodel was produced to identify vulnerabilities. Penetration testswere performed based on the threat model. The results from thepenetration tests did not find any exploitable vulnerabilities. Theconclusion from evaluating the security of this Samsungrefrigerator can say the product is secure and contributes to aconnected, secure, and sustainable society. Keywords Internet of things (IoT), device, security, penetration testing,threat assessment, vulnerabilities