Thought Leadership

Shodan: How you Search the Internet of Things

Shodan is a search engine for devices connected to the Internet, aka The Internet of Things. In the same way you use Bing or Google to search for and then interact with a website, you can use Shodan to search for and then interact with all devices connected to the Internet.  That’s right. You can search for, visually see and interact with webcams, smart watches, red light enforcement cameras, TV station antennas, routers, switches, vehicles, televisions, refrigerators, wind farms, power plants, medical devices, printers, and well…you get the picture.

While people can hack websites, Facebook accounts, and databases, they can also hack the Internet of Things. In the past, Shodan has been in the news, linking it to webcam spying and terrorist activities, which is scary stuff. While Shodan is one way for this to happen, there are a variety of ways you can be susceptible to hacking. Here are a few great resources to keep you safe when connected to the Internet:

iKeepSafe.org

OWASP.org Internet of Things Project

Google Safety Center

TechTarget - Internet of Things Security

The two sides of Shodan are extremely polarizing; it can be a very scary reality, while at the same time, a beautiful tool for connection, communication and learning.  

So you’re not a criminal, and aren’t interested when people are using their smart refrigerators. I get it. Other than scrambling to protect yourself and your Internet of Things from creepy eyes, why should you care about Shodan?

The business intelligence that can be gained by analyzing consumer activity on search engines is invaluable. Search engine data, whether it be from your own paid search account or a tool such as Google Trends, can and should be used by every company when making nearly all business decisions. If you are selling “Things” that belong to the Internet of Things, you can use Shodan to see who is using your products, when they are using them and where. Imagine being Michael Dell and having the ability to visualize the use of your laptops across the globe, with just one login. Pretty cool, huh? This level of market intelligence has never existed before.

To get started, you can create a free account with Shodan, although there’s not much to dish about at this level. The real fun begins with the account upgrade, which allows you to gain full access for a one-time membership fee of $49.  Once you are really in, you’ll have access to all search data collected, developer API information, the ability to show search results in map format (the wow-me factor), unlimited results (which are limited at the free-account-level), and countless app integrations. A few areas of Shodan to note:

  • Shodan Maps- Use the intuitive map interface to search the Shodan database (available with free account, gets better with membership).
  • Images- View a stream of screenshots from crawled devices (membership required).
  • Exploits- Search across a variety of vulnerable databases at once (available with free account).
  • Scanhub- Make your Nmap results searchable by uploading them to Scanhub (additional membership required).

Reports! Data Downloads! YES! Once you perform a search, you can easily download your data or export it into a report format. The report will be emailed to you immediately and you’ll be able to view top countries, top services, organizations, products, versions, domains, and operating systems.

Living in the world of paid search, I am naturally interested to see the evolution of the Shodan results page and how it will (or will not) follow in the SERP monetization game. Will advertisers want to buy ad space to promote their high-tech products alongside results of smart watches connect to the Internet? Maybe so.

I also wonder if there will be a day when Shodan acts as a tool for marketers to connect with the Internet of Things and serve up highly-tailored product content messaging straight to devices. If not Shodan, surely another.

When it comes to transparency and personal privacy, how many of us really understand how our tech products work? Not many of us realize how data of our everyday activities is being monitored, measured, and analyzed. The Internet of Things is a new space, and with that, comes a lack of information and clarity. Consumers need to better understand all aspects and implications of their Internet connected devices.  In the same way we all had to learn how to download our anti-virus software of choice in the 90s, we now need to learn how to protect our “Things.” We’re living the Future of Search right now. Take a look around; it’s pretty cool.