4 Real Life Examples of the IoT Being Hacked

Cyber Attack, Internet of things, IOT, Security, Security Threats, ,
09
Jan 2018

It’s easy to talk about the IoT (Internet of Things) security issues in theory, but what actually happens when the IoT gets hacked?

Understanding exactly what happens when IoT devices get hacked and how they get hacked is crucial in helping to protect your organization. Knowledge, of course, isn’t a cast iron guarantee you will avoid be hacked, but it certainly puts you in a much stronger position.

Let’s take a look at four real life examples of the IoT being hacked.

Unsecured University IoT

Verizon’s Data Breach Digest 2017 report details the example of an unnamed university where the network was flooded with Domain Name Service (DNS) requests for seafood restaurants. Whilst it sounds like a student prank, it was actually an outside attack by hackers which used 5,000 IoT devices such as vending machines and lighting systems. The hack was achieved through a brute force attack which took advantage of weak passwords so that malware could be deployed and bring the university’s network to a standstill.

IoT Cameras Hacked

The popular IoT security camera range – NeoCoolCam – has been found to contain a major security flaw which means that they can easily be hacked from outside the network they’re on. Given the security nature of the devices, these cameras can easily be compromised for unauthorized surveillance or even as a stepping stone to get even deeper into a network. Researchers at Bitdefender have found that all it takes is for the easily accessible login screen to be manipulated in order to take control of any of the 100,000+ cameras currently in use.

The Mirai Botnet

Poor password management is one of the biggest flaws in data security and the Mirai botnet certainly takes advantage of this. A piece of malware which infects network devices running on Linux, Mirai instructs these devices to constantly search the internet for vulnerable IoT devices. The fatal flaw contained within these IoT devices is that their factory set default username and passwords have not been changed. As Mirai is loaded with a list of these default details, it’s able to quickly take control of these devices and Mirai was even involved with an attack on Liberia’s internet infrastructure.

Hacking a Jeep

Perhaps the most disturbing and dangerous example of IoT devices being hacked is the case of a Jeep Cherokee 4×4 vehicle being compromised. Security researchers Charlie Miller and Chris Valasek were able to identify a zero day exploit which allowed them to send instructions to the vehicle through its entertainment system. Not only did this provide them with the opportunity to remotely change the in-car temperature, they could also influence the vehicle’s steering and braking systems. All it required was knowledge of the individual vehicle’s IP address to take control.

All four of these examples demonstrate just how far behind that IoT device manufacturers are when it comes to the security of their devices. Naturally, the manufacturers have a lot to do to ensure that their devices are safe from the moment they’re installed, but the owners of these devices also need to be mindful of good password practices.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The Main Security Challenges That IoT Faces

Internet of things, Security, Security Threats, ,
02
Jan 2018

The internet of things (IoT) is getting us connected like never before, but with its increase in popularity, the security challenges are intensifying.

With IoT creating an unprecedented number of connections into our organizations, it’s no surprise that hackers are viewing it as a potential entry point as opposed to traditional routes such as email attachments or USB sticks. And, as IoT is such a new technology, the vast majority of users aren’t as well schooled in the accompanying security challenges.

If you can understand these security challenges, though, you’re maneuvering your organization into a highly advantageous position. You may be wondering what the main security challenges that IoT faces are, so let’s take a look!

  • Updates aren’t always automatic – PC updates never used to be automatic and this used to leave them open to attack. Thankfully, software/hardware manufacturers quickly realized the importance of this and built automatic updates into their products. Although this approach still relies on human compliance to authorize, it’s highly effective. With IoT devices, however, there’s such a rush to bring out new products mean that firmware updates are allocated little priority, so IoT devices can soon become unprotected. 

  • IoT devices are relatively simple – Many IoT devices are limited in their capabilities, be it in terms of storage or memory. Whilst this allows them to remain compact and low cost, it also leads to a lack of room for security. As a result, they become susceptible to security attacks and the chance of adequate encryption being in place is unlikely. Therefore, it’s crucial that extra security steps are put in place such as specific networks with dedicated firewalls to help house these IoT devices. 
  • More devices mean more monitoring – The amount of devices which can make up the IoT is staggering, but it also means that there’s an increased security risk. With all these entry points in your organization’s networks, the amount of data which needs monitoring is going to increase dramatically. And this means that you need to monitor the data coming in and out of your organization much more closely. Leading to increased labour and technology costs, this is one of the most pressing challenges presented by the IoT. 
  • Predicting and preparing for attacks – Advances in technology mean that more and more devices are entering the IoT market which, on one hand, means accessibility for almost anything you can think of is possible but, on the other hand, it’s making threat detection more difficult. Pinpointing exactly how a hacker will abuse an IoT device is difficult – will they use it as a stepping stone into your network? Will they simply misuse the device? Or a bit of both?

These challenges could easily be misinterpreted as a list of reasons why you shouldn’t get involved with the IoT, but this couldn’t be further from the truth. Instead, these are challenges which, if tackled correctly, can help your organization get the best out of the IoT. Sure, there’s going to be a level of investment and new structures to consider, but what price can you put on progress?

For more ways to secure and optimize your business technology, contact your local IT professionals.

 

Read More
1 2 3 4