Hide ‘N Seek Botnet Threatens the Internet of Things

Cyber Attack, Hacking, Internet of things, IOT, malware, Password Security, Security, Security Threats, , ,
08
Mar 2018

The Internet of Things (IoT) has a new security threat and this time it uses peer-to-peer communication to spread, infect and compromise devices.

In January 2018, security researchers working for Bit-defender discovered a new botnet which, although not related, has similarities to the Reaper botnet. Originally infecting just 12 IoT devices, the Hide ‘N Seek botnet had soon amassed over 32,000 IoT devices by the end of the month. With the ability to steal data, take control of the device and run malicious code, Hide ‘N Seek represents a serious threat.

Understanding new and emerging threats to IoT devices is crucial if you want to protect your organization’s network, so it’s time to investigate Hide ‘N Seek a little closer.

Hide ‘N Seek is No Game

A brand of IP camera manufactured in South Korea appears to be the initial infection source for Hide ‘N Seek, but the botnet is actively attacking other IoT devices. Using randomly generated IP addresses, Hide ‘N Seek attempts to connect to any devices listed against these addresses. If the botnet succeeds in connecting then it either uses default login/password combinations to gain access or performs a brute force attack using a dictionary list to crack the login credentials.

With access obtained, Hide ‘N Seek analyses the device to discover any potential vulnerabilities such as the ability to download malware or launch DDoS attacks. The remote botnet hacker also has the option of executing any command they wish on the infected device; this option provides them with the chance to steal any files they wish. The capabilities of Hide ‘N Seek are clearly advanced and innovative, but what’s even cleverer is that it appears to be constantly redesigning itself to minimize detection.

Communication between the infected devices is made possible by the peer-to-peer network at the heart of Hide ‘N Seek. Using peer-to-peer software for hacking is nothing new, but previous methods have always involved modifying existing torrent software. Hide ‘N Seek is taking hacking to a new level by using completely custom built peer-to-peer software which has no central command unit; therefore, closing this network down is virtually impossible.

Combating Hide ‘N Seek

The advanced design of Hide ‘N Seek is proof that it’s the work of highly skilled hackers, but, once again, the vulnerability being exploited is the use of default passwords. Let’s face it, giving a hacker a key to a locked door is the worst form of security you can imagine, but this is exactly what default passwords are. And this is why password security remains the number one priority for any devices within your network, whether they’re connected to the IoT or otherwise.

By changing these default passwords while devices are on isolated networks, your organization can seriously increase the strength of their defenses. Otherwise, you’re leaving your networks at the mercy of malicious botnets such as Hide ‘N Seek. And, believe me, just as Reaper wasn’t the last IoT botnet, neither will Hide ‘N Seek be the final word in hacking in this new IoT landscape.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

4 IoT Security Vulnerabilities You Need to Know About

Hacking, Internet of things, IOT, Network, Security, Security Threats, , , , ,
27
Feb 2018

The Internet of Things (IoT) is amazing, but it’s not perfect and, in particular, there are plenty of security vulnerabilities that you need to know about.

You can barely move without bumping into an IoT device now and, whilst this allows you to be more productive, it also means that the security risk to your organization’s network is increasing. We’ve all heard about how coffee machines can get hacked and it’s these types of stories that demonstrate the extent of IoT security concerns.

Whilst you may rely on a humble kettle rather than a fancy Wi-Fi controlled coffee machine, there are still plenty of IoT security vulnerabilities you need to be aware of. Let’s take a look at of the most important ones you should be aware of.

  1. Network Services Present a Back Door

IoT devices often come with diagnostic and debugging services built in to help facilitate troubleshooting tasks, but these are often operating on ports which are not secure. Now, maintenance services are probably one of the least likely to be secured pieces of code to be found on an IoT device, so this scenario is highly attractive to hackers. Therefore, you need to make sure that you investigate all potential security concerns on new IoT devices you install.

  1. Lack of Transport Encryption

When data is transported across the internet or your local network, it needs to be encrypted to thwart any external parties who are listening to your data traffic. However, many IoT devices fail to employ transport encryption in their data transmissions when sending data – this is estimated to be around 41% of all IoT devices. And this is why you need to make sure that your organization only works with highly secure IoT devices to protect data security.

  1. Weak Password Protection

The lack of strong password protection is a major security vulnerability when it comes to IoT devices. A good password should incorporate more than 8 characters and these should include numbers, symbols and mixed case letters – more often than not, though, these can often be nothing more than four digits such as an iPhone’s default password protection. And, as we all know, the weaker a password, the quicker and easier it can be hacked by brute force.

  1. Different Computer Languages Prevent Security

PCs all speak a common language, so getting a network full of PCs to operate on the same network in the same manner is not too big a problem. However, a smart photocopier running on a code all of its own is going to struggle to communicate effectively with the rest of your network. And this means that guaranteeing a secure connection between network devices is more difficult than ever. You also need to consider the fact that many IoT devices fail to receive regular updates, so this has the potential to be a long term security risk.

We’re all still learning about the security vulnerabilities that the IoT is bringing to the security table, so a firm knowledge of the potential pitfalls is vital. By taking note of the above you should be able to improve your security just enough to prevent being hacked.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

The IoT Reaper Botnet Predicts a Grim Future

Cyber Attack, Internet of things, IOT, malware, Mirai, Reaper, Security, Security Threats, , , , , ,
13
Feb 2018

With Internet of Things (IoT) devices becoming more prolific at work, their security risks are increasing. In particular, botnets are posing a major threat.

Botnets have been associated with hacking since the start of the 21st century and don’t show any signs of disappearing soon. Therefore, it’s no surprise that hackers are adopting these services into their attacks on IoT devices. The aim of a botnet is to create a huge network of infected computers connected to the internet to carry out DDoS attacks, spam campaigns and steal data. And, with the proliferation of unsecured IoT devices now online, it’s not hard to see why they’re so attractive to hackers.

One botnet which has been creating a few headlines recently is Reaper, so it’s a good place to start understanding their method of operation and how you can protect yourself.

The IoT Reaper Comes to Town

IoT devices, partly due to their recent emergence, aren’t exactly the most safe and secure devices to be connecting to your organization’s network. Sure, many of them are safe, but there are so many reports of devices being released with vulnerabilities in their code, a lack of firmware updates and default password exploitation issues. Accordingly, the warnings attributed to IoT devices need to be taken seriously. And when it comes to botnets such as Reaper, you can begin to understand why.

The Mirai botnet was the first big hack which took advantage of shortfalls in IoT security and its legacy is Reaper. Evolving the operation and build of Mirai (Reaper even shares some code with it), Reaper is a more sophisticated piece of malware. Mirai’s approach was to act purely as a password cracker, but Reaper is taking nine different approaches to exploit known vulnerabilities in devices manufactured by Linksys, GoAhead and NetGear to name but a few.

Reaper has the potential to create a huge botnet army and, with its myriad infection methods, could carry this out with much more ease than Mirai ever managed. Security researchers Checkpoint even estimate that around one million networks have been scanned in order to begin recruiting vulnerable devices. Reaper is also built to ensure that it can receive regular updates through new script updates and indicates a potential for the malware to be regularly strengthened.

Thankfully, the number of recruited bots has remained relatively low compared to initial estimates with around 10,000 to 20,000 drones being active at any one time. Experts suspect this may be down to poor coding, but with the potential for new updates to be patched into the malware, this could be rectified very quickly. A further benefit to consumers is that the hardware providers being targerted are tight on security and regularly issue firmware updates.

Keeping the Reaper at Bay

Allowing automatic firmware updates – and regularly checking manufacturers’ websites/social media for security updates – is paramount to keeping your organization’s IoT devices secure. Not only can botnets launch global attacks on computer networks, but they can also slow down individual devices and render them redundant.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Creating a Culture of Security in the Internet of Things

Cyber Attack, Hacking, Internet of things, IOT, malware, Password Security, Security, Security Threats, , , , , ,
30
Jan 2018

Hackers aren’t the only threat to the security of your organization’s Internet of Things (IoT), your employees can be just as culpable for security risks.

Let’s face it, the IoT is a relatively new phenomenon and, even though most of your employees will have smart devices at home, the majority of your workforce won’t be aware of the many security dangers. It’s this lack of knowledge which can lead to major security flaws which leave your network open to hackers and their accompanying chaos.

However, humans have a huge capacity for learning and if you can ingrain the basics of IoT security in the business culture, you’ll find that your employees are soon on top of things. And this knowledge can provide an extra layer of defense, so let’s take a look at how you can provide this.

Ban All Guest Access

Many organizations provide guest access to, at the very least, their Wi-Fi network so that visitors can check emails, liaise with their own staff and, more likely, check Facebook! However, whilst this is a generous gesture, it opens your network up to a whole host of security risks. If there’s a freely available guest network then it’s likely that everyone in your organization will know the password and it can be passed on to any visitors.

Now, you’re never going to know every single visitor to your company and, crucially, you’re never going to know how secure these visitors’ devices are. Therefore, it’s a highly dangerous move to allow your employees to grant free access to any section of your network. The simplest way to combat this and prevent bad security practices is to ban all guest access to your organization’s Wi-Fi. It may seem drastic, but it will really hammer home the security risk to your employees.

Improve the Password Culture

Passwords are one of the oldest forms of computer security, but they’re also one of the most effective. IoT devices, though, have a reputation for coming pre-loaded with highly weak default passwords, so the effort required to hack them is relatively low. Changing not only default passwords, but also regularly changing existing passwords remains a highly important task to secure your smart devices.

Your employees are likely to be highly busy, though, so changing their password will tend to fall down their list of things to do. This is where you, as an employer, need to ensure that regular reminders are sent out to your employees to indicate when passwords require changing. Ideally this should be between 6 – 12 weeks of the last password change and the best way to enforce this is by restricting access to applications if the password is not changed.

Whilst employees will initially grumble about having to change their password and remember a new one, these complaints will soon subside and employees will become compliant with the process.

Regular Training

As mentioned in my opening, the IoT is a new phenomenon and the collective knowledge of your employees will be limited. And that’s why you need to make sure that your staff are given regular training sessions on the importance of IoT security.

Ideally, the IT induction that all new starters take should include a section on IoT security; after all, almost of all your employees will bring a personal smartphone into work and, of course, certain employees will be issued with company laptops and smartphones, so the need for good security practices from the off are vital.

It may seem time consuming to complete inductions and regular refreshing training, but the enhanced knowledge among your workforce will ensure that your networks remain safe from the most simple (yet damaging) IoT security mistakes.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

You Can Now Hack Networks with a Fish Tank

Cyber Attack, Hacking, IOT, malware, Security, Security Threats, Uncategorized, , , ,
23
Jan 2018

The Internet of Things (IoT) can help run almost any device in use in your organization, but this also means you could be hacked by a fish tank.

This may sound highly unlikely, but this is exactly what happened to a North American casino and underlines just how vulnerable IoT devices are. It also demonstrates how every single IoT device, no matter how insignificant and harmless it may appear, is at risk. Hackers, after all, do not discriminate – if there’s a way to gain access to a network then they’ll exploit it.

As this is one of the more unusual attacks to have affected an IoT device, I’m going to take a closer look at it before advising you on a few tips to avoid getting hacked by a fish tank.

Hacking the Tank

The fish tank – which was situated in the unnamed hotel – had been installed with state of the art sensors which monitored and regulated factors such as water temperature, saline levels and release of food. Making devices such as these sensors compatible with IoT technology allows the tank to be controlled remotely, but this accessibility also opens up such IoT devices to the interests of hackers. Although the hotel had security measures in place, they were evidently not secure enough.

Many IoT devices lack advanced, internal security technology so any external security measures need to be as advanced as possible to pick up the slack. In this particular case, the fish tank’s sensors were hacked which allowed the hackers to transmit 10GB worth of data to a remote server based in Finland. The casino’s existing security tools were able to identify that data was leaking externally, but were unable to identify where from and where it was being transmitted to.

Thankfully, security experts Darktrace were able to pinpoint where the vulnerability was and were able to advise the casino to disconnect the fish tank sensors immediately. 10GB worth of data may not sound like a huge amount of data in this day and age, but when you consider the amount of personal and financial details a casino may hold, 10GB could cause a lot of concern for any patrons of the casino.

Securing IoT Devices

Being hacked through a fish tank is a highly embarrassing security flaw for any organization, so understanding how to secure IoT devices is paramount. Make sure you’re implementing the following security measures with IoT devices:

  • Change Default Passwords – Many IoT devices come preloaded with a default password and, by leaving this in place, you’re reducing the number of guesses and effort that a hacker needs to put into brute-force hacking the password. It’s estimated that around 15% of IoT device owners do not change this default password, so make sure you change this as soon as the device is installed.
  • Install Firmware – As I’ve previously mentioned, the security technology loaded onto IoT devices is sometimes sadly lacking. However, even worse than poor security software is outdated security software. And that’s why it’s crucial that any firmware updates are installed immediately to patch any potential vulnerabilities.
  • Separate Networks – The number of IoT devices operating in any one organization can easily run into the hundreds. Essentially, this means that there are hundreds of routes into your network and this could cause real chaos if just one device is breached. Therefore, penning off IoT devices into separate networks is a preventative step which can limit the reach of any hackers.

For more ways to secure and optimize your business technology, contact your local IT professionals.

 

Read More
1 21 22 23 24 25 31