The world of Internet of Things (IoT) has opened us all to a world where we now have the power to automate, protect, and monitor our houses like never before. Not only this, one can now keep an eye on their children while out for work, integrate their home theater system, protect the house from theft, and even extend a helping hand in reducing capital spent on energy consumption. IoT has for sure made all this possible, but like every coin has two sides IoT too has a dark side.
While on one hand, IoT has made our life easier, on the other hand, cheap IoT has the potential of threatening the entire of the Internet and causing a major havoc.
Finished IoT products most often end up in the hands of technically unsophisticated consumers who often end up ignoring the updates or at times even forget their logins and passwords. In order to take care of these aforementioned situations, the module makers have designed a quick fix, a login/password combination that allows the tech support of that particular IoT device to remotely take control of the device and make the users happy again.
However, hackers end up taking an advantage of this arrangement. By putting standard Linux dissection tools to use, they start browsing the embedded software module and successfully find the backdoor password set up by the module makers…which they then use to unlock all of the IoT devices from the maker. Recently, we covered a story about how Mirai — a malware that had been responsible for causing one of the worst denial of service cyberattacks that the world had experienced in the last few years, had now spread and infected internet-connected devices in over 177 countries all around the world.
The pirates have quite literally taken over the ship. They end up uploading software to one's device and then turn it into a dangerous weapon that is an inclusive part of a DoS attack.
The brain behind the hacker isn't targeting an individual or an individual's phone, but the target is actually a political website that might have rubbed on negatively with the hacker, or, with increasing frequency, a site that the pirates aspires to hold for ransom.
What is even more terrifying is that these attacks have also managed to hit the Internet infrastructure services such as DNS (Domain Name System) servers.
The bottom line here is to understand the looming threat that cheap IoT devices represent. This can easily be considered as a crucial side effect of the smartphone revolution. Billions of smartphones have resulted in creation of an ecosystem of distributors, manufacturers, and components that are all engulfed in a competitive race to the bottom. This has further led to corners being cut, and an untold numbers of vulnerable devices are now lying in wait on the World Wide Web. A couple of years ago, no one could imagine that one day these very so-called “security” cameras would be hampering our security as they land in the dangerous hands of hackers.
[Top Image-v3.co.uk]
While on one hand, IoT has made our life easier, on the other hand, cheap IoT has the potential of threatening the entire of the Internet and causing a major havoc.
Finished IoT products most often end up in the hands of technically unsophisticated consumers who often end up ignoring the updates or at times even forget their logins and passwords. In order to take care of these aforementioned situations, the module makers have designed a quick fix, a login/password combination that allows the tech support of that particular IoT device to remotely take control of the device and make the users happy again.
However, hackers end up taking an advantage of this arrangement. By putting standard Linux dissection tools to use, they start browsing the embedded software module and successfully find the backdoor password set up by the module makers…which they then use to unlock all of the IoT devices from the maker. Recently, we covered a story about how Mirai — a malware that had been responsible for causing one of the worst denial of service cyberattacks that the world had experienced in the last few years, had now spread and infected internet-connected devices in over 177 countries all around the world.
The pirates have quite literally taken over the ship. They end up uploading software to one's device and then turn it into a dangerous weapon that is an inclusive part of a DoS attack.
The brain behind the hacker isn't targeting an individual or an individual's phone, but the target is actually a political website that might have rubbed on negatively with the hacker, or, with increasing frequency, a site that the pirates aspires to hold for ransom.
What is even more terrifying is that these attacks have also managed to hit the Internet infrastructure services such as DNS (Domain Name System) servers.
The bottom line here is to understand the looming threat that cheap IoT devices represent. This can easily be considered as a crucial side effect of the smartphone revolution. Billions of smartphones have resulted in creation of an ecosystem of distributors, manufacturers, and components that are all engulfed in a competitive race to the bottom. This has further led to corners being cut, and an untold numbers of vulnerable devices are now lying in wait on the World Wide Web. A couple of years ago, no one could imagine that one day these very so-called “security” cameras would be hampering our security as they land in the dangerous hands of hackers.
[Top Image-v3.co.uk]
Advertisements