Why nomintated: Ben Seri’s work in the IoT space specifically around BlueBorne, the first airborne IoT vulnerabilities impacting more than five billion devices globally, and BLEEDINGBIT, chip- level vulnerabilities used in the fabric of internet infrastructure. Seri has fought against the fast-paced creation and adoption of IoT devices that are created and deployed with security in mind. His mission is to help shed light on the enterprise risk that IoT poses, and enable its secure use.
Profile: Seri’s focus on IoT and in particular identifying airborne threats led to the discover in the last year of BLEEDINGBIT, two zero- day vulnerabilities in Texas Instruments BLE chips used in Cisco, Meraki and Aruba wireless access points. Once such an access point is breached malware can move laterally in the system effectively breaking network segmentation, a traditionally trusted form of enterprise security. The BLEEDINGBIT vulnerabilities are the latest in airborne threats that can be exploited remotely via the air, unlike most attacks conducted through the Internet thus allowing an unauthenticated perpetrator to penetrate a secure network of which they are not a member and operate virtually undetected. Airborne attacks are virally contagious in nature, allowing the attack to spread to any device in the vicinity of the initial breach.
Prior to BLEEDINGBIT, Seri helped uncover BlueBorne, a set of eight zero-day vulnerabilities found in Bluetooth implementations affecting all major operating systems, four of which were classified as critical. This new attack vector endangered major mobile, desktop, and IoT operating systems, including Android, iOS, Windows, and Linux. BlueBorne impacted more than five billion connected devices.
What colleagues say: “Since I’ve known Ben, he’s taken an approach to threat research that blends both leadership, ingenuity and innovative approaches to IoT research. He’s always pushing the limits of what is possible, and proving time and again to the world how insecure the most basic building blocks of our environment are. I see Ben as one of the best cyber security researchers in the world. His work on Blueborne, BLEEDINGBIT, and new research in the pipeline, has impacted billions of devices worldwide and enabled our customers to better protect their business. Ben’s track record is consistent, highly impactful and foreshadows what the rest of the world needs to start paying attention to ASAP.” Nadir Izrael, CTO and co-founder of Armis.