Hello soldiers of the cyber resistance,
You are tuning in to CRR, Cyber Resistance Radio. Today in our fifth podcast we talk about information security threats in 2017.
What can we expect from 2017 and what type of attacks and threats can we expect this year ?
Let’s start the podcast.
One the major threats and disasters waiting to happen has to do with the mass increase in the internet of things devices. The manufacturers of these devices barely take security into account when developing these devices. Last year we have seen coordinated attacks by for example security camera’s connected to the internet, these devices amassed the biggest DDOS attack in history.
If you are interested, just check out SHODAN, this is a search engine for the internet of things or at least devices connected to the internet that have little or no security. You can login to webcams, sometimes even network attached storage devices.
You will be amazed how many devices are open to you as a user.
What happened ?
Nowadays manufacturers of devices often offer products with internet connectivity. We apparently all want an app to control the device, very convenient. Not only for you but also for the outside world. Lamps, refrigerators and security cams are all being connected to the internet. Again convenient for you as a user, switching on the light when you are not home, convenient for the manufacturer to gain access to information and let you big data team lose on that data, also it is interesting for hackers. All these devices have chips inside as hardware and simple software to make it do things, this software can be manipulated and used for attacks on websites or parts of the internet architecture.
Most of these devices have network capabilities.
And that is the problem, these devices can take part in a coordinated attack with the owner knowing of it.
If you have internet things devices at home, check if you can update the software or at least place this device in a different VLAN, virtual LAN.
You television will be held hostage.
Another development is that more and more televisions are smart. They have some software on them and internet connect capabilities. Aspect more malware attacks on these TV’s. There is already malware out there that can brick your TV, rendering it useless.
Sometimes attacks even go as for as to ask money to “unbrick” your TV again, basically holding your television as a hostage. Bizar.
Only good thing is that the malware looks for older types of smart TV’s and not the newer types on the market. Of Course that is only temporary. If there is money involved and attackers find new ways to gain access to devices, it is a concern. Especially when manufacturers do not really take security into account when developing these television sets and its software.
Moving on, next to your television also your car gets more and more connected to the internet. You have software to control your car, the ECU for instance, and you have software for the entertainment system that controls your audio, locks, navigation and telephone and ride settings.
To cut a big story short, the car has multiple entry points for communications, either through the 4G built in antenna or the GSM system for mobile calls, or the infrared receiver of your door system.
When we live in an era where almost everything gets an internet connection, we need to be careful and realize that this poses a threat as well. Many convenient things are possible with connectivity but always understand the risks as well. When concerns about information security rise then you could a little more faith in technology. Until then we need to be careful.
When you look at your house or apartment, it might very well be possible to connect your house and have a lock management system on your phone and laptop in the future. Checking if you house is on lock-down when you are away. I am sure that the traditional lock system will be connected to the internet in the near future. Again offering convenience but also adding an external threat in the form of a new breed of burglars.
How crazy would it get if your home security system, that is probably connected to the internet, become part of a botnet to DDOS other networks. I think it is crazy but it might already be happening right now.
Thanks for tuning in and catch you guys next time.
Stay safe, turn off your television, tune in to our podcast and arm yourself with knowledge.