“ The uncertainty of the ‘Internet of Things’ is growing as new devices emerge that are hijacked and integrated into botnets. Mirai infects routers, security cameras and other networked devices on the “Internet of Things” that still use factory defaults as credentials. The s ources of these attacks are most likely IoT devices that have been infected with the Mirai malware, which was also most frequently detected on honeypots. SSH, which is also used by IoT devices, recorded 456 million attacks. UPnP ranks second with 611 million attacks. With over 760 million attacks, or 26 percent of measured traffic, Telnet carried the largest share of the total number of attacks in the observed period. In the first half of 2019, F-Secure’s experts registered twelve times as many attacks as in the same period last year. The report is based on vulnerable servers that are placed on the net like bait (“honeypots”) and provoke attacks that are then documented by F-Secure. In autumn 2019 this law was impressively confirmed in the “Attack Landscape Report”. F-Secure report: More and more IoT devices attack Back in 2016, Mikko Hyppönen, Chief Research Officer at F-Secure, formulated his statement, now known as “Hypponen’s Law”: “ Whenever a device is described as ‘smart’, it is vulnerable“. “ If you get involved with such ‘stupid’ products, you risk having your home pierced with numerous security holes like a Swiss cheese,” says Trost. Especially in many crowdfunding projects, there are no guarantees as to how long the supposedly smart device will be supported and provided with security updates. Instead, the smart home industry must finally commit itself to common standards and long-term security mechanisms. It is unacceptable that there are any networked devices that have no or only inadequate routines for security patches,” complains Rüdiger Trost. “ KeyWe ‘s customers have to replace their ‘smart’ locks completely or live with the risk. Nevertheless, F-Secure has published a security warning. F-Secure is holding back important details about the hack, as many of the locks are already in use, but there is no possibility of subsequently securing the devices with a security update. “ All we needed was a little know-how, a small device to intercept the messages for 10 euros from the technology market and a little time to find the users” – said Krzysztof Marciniak, one of F-Secure’s cyber security consultants who performed the hack. However, F-Secure was able to handle the existing KeyWe security devices with quite simple means, by intercepting and manipulating the messages between the lock and the app. Users of the Korean manufacturer KeyWe ‘s supposedly “smart door lock” can open their doors at home using a smartphone app. Much of these attacks were caused by insecure smart home devices, which are now attacking other devices under the control of hackers without the owner knowing. We are finally calling for uniform, reliable standards in IT security for the Internet of Things.” This is confirmed by the results of the “Attack Landscape Report”, which in September 2019 registered a twelvefold increase in the number of attacks from the Internet compared to the same period last year. “ Any consumer who relies on such devices will end up being the fool himself. Graphic: Pixabay/ab - door and gate of the Smart Home wide open Finnish cyber security company F-Secure has hacked and opened the “smart door lock” of the Korean manufacturer KeyWe with amazingly simple means.įor Rüdiger Trost, Head of Cyber Security Solutions at F-Secure, this is further proof that the so-called “Smart Home” still has to struggle with extreme security problems worldwide: “ Outdated operating systems, poor programming, lack of standards – the now unmanageable number of networked devices makes the “smart” home a “dumb home“.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |