Friday, August 22, 2014

Is modern multimedia equipment safe in our … – NEWSFix Magazine

Are owners of Internet-connected multimedia equipment (TVs) safe? Is it possible to take over some of the functions of a TV or an advanced home stereo? An analyst at security firm Kaspersky reached interesting conclusions during his research.

David Jacoby conducted a research experiment in his own living room to check how secure his house is against cyber threats. The test was meant to demonstrate that multimedia appliances such as network-attached storage (NAS) devices, smart TVs, routers, Blu-ray players, etc. are vulnerable to cyber attacks. It turned out that they are.

The conclusions of the study are not optimistic: popular home entertainment devices with access to the Internet pose a real cyber security threat because of vulnerabilities in their software and the lack of basic security measures such as strong default administrator passwords and encrypted connections.

The audited equipment included two NAS models from different manufacturers, one smart TV, a satellite receiver, a router and a network-connected printer. During his study, David Jacoby detected 14 vulnerabilities in the storage devices connected to the home network, one vulnerability in the TV and some potentially hidden control functions on the router.

In line with its responsible disclosure policy, Kaspersky Lab is not giving the names of the manufacturers whose products were included in the study until security patches closing the vulnerabilities are published. All manufacturers were informed of the discovered vulnerabilities. Kaspersky Lab specialists are working closely with them to address the identified security flaws.



“Users should be aware of the risks associated with devices connected to the Internet and to their home network. We must also remember that the security of our information is not only about a strong password: there are a lot of things we have no control over. In less than 20 minutes I found and confirmed an extremely serious vulnerability in a device that looked safe, and even referred to safety in its name. What results would a similar study give if it had been conducted on a much broader scale than my living room? This is just one of many questions that equipment manufacturers, the security industry and users must work together to answer in the near future. Another important question concerns the life cycle of the equipment. As I learned from conversations with manufacturers, some of them will develop security patches for a vulnerable device when its life cycle comes to an end. This cycle is usually one or two years, while the devices, NAS units for example, operate in homes and offices much longer,” said David Jacoby, a senior security researcher at Kaspersky Lab and author of the study.

The most severe vulnerabilities were found in the network-attached storage (NAS) devices. Some of them allow an attacker to remotely execute system commands with the highest administrative privileges. The tested devices also had weak default passwords, and multiple configuration files had incorrect permissions and contained passwords stored in plain text (no encryption). For example, the default administrator password for one of the devices consisted of only one digit. Another device made the configuration file with passwords available to all users in the network.
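The NAS findings above (a one-digit default password, configuration files with wrong permissions holding plaintext passwords) can be checked for on a device you administer. This is an added example, not code from the article or from Kaspersky Lab; the key-name pattern, the hash heuristic, the 8-character threshold and the sample files are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Key names that usually hold a secret (assumed list; extend for your device).
SECRET_KEY = re.compile(r"^\s*(\w*(?:passw(?:or)?d|secret)\w*)\s*[=:]\s*(\S+)", re.I)
# Heuristic: values shaped like crypt(3) hashes ($id$salt$hash) are not plaintext.
HASHED = re.compile(r"^\$[0-9a-z]+\$")
MIN_LENGTH = 8  # assumed minimum acceptable password length


def audit_config_tree(root):
    """Return (path, issue) findings for plaintext passwords under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            world_readable = os.stat(path).st_mode & stat.S_IROTH
            with open(path, errors="replace") as fh:
                for line in fh:
                    m = SECRET_KEY.match(line)
                    if not m or HASHED.match(m.group(2)):
                        continue
                    issue = "plaintext password"
                    if world_readable:
                        issue += ", readable by any local user"
                    if len(m.group(2)) < MIN_LENGTH:
                        issue += ", shorter than 8 characters"
                    findings.append((path, issue))
    return findings


def build_sample_tree(root):
    """Constructed sample: one weak config file and one acceptable one."""
    for name, body, mode in (
        ("admin.conf", "admin_password = 1\n", 0o644),
        ("share.conf", "password = $6$Zx1$constructedhashvalue\n", 0o600),
    ):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write(body)
        os.chmod(path, mode)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(audit_config_tree(tmp))
```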

Using another vulnerability, the researcher was able to easily place a file in an area of the device's memory that standard users cannot write to. If the file were malicious, the infected NAS would become a source of infection for other devices connecting to it, e.g. home or office computers. A properly crafted file could even join the NAS to a network of infected machines (a so-called botnet), which is used to send spam or launch DDoS attacks. Moreover, the vulnerability involves placing the file in a special part of the device's file system, so the only way to remove it was to use the same vulnerability. Naturally, this is not a simple task even for a technical specialist, not to mention a person who simply uses multimedia equipment at home.

Attack via a smart TV

While analyzing the security of his TV, the Kaspersky Lab researcher discovered that no encryption is used in the communication between the TV and the manufacturer's server. This potentially opens the way to man-in-the-middle attacks, as a result of which a user trying to buy content via the smart TV could, for example, send money to scammers. As an experiment, the researcher was able to replace an icon in the TV's interface with a picture. Widgets and thumbnails are usually downloaded from the TV manufacturer's server, so the lack of an encrypted connection means the information can be modified by a third party. The researcher also found that the smart TV is able to execute Java code, which, combined with the ability to intercept the traffic between the TV and the Internet, can lead to harmful attacks using exploits (malicious programs that infect via security holes).

Hidden spying features in the router

The DSL router used to provide wireless Internet access to all devices in the home contained some dangerous features hidden from its owner. According to the researcher, some of these “secret” features could potentially give the Internet service provider remote access to any device on the private network. More importantly, the results of the study showed that some sections of the router's web interface (such as “Web Cameras”, “Telephony Expert Configure”, “Access Control”, “WAN-Sensing” and “Update”) are “invisible” and normally cannot be viewed or modified by the owner of the equipment. They can only be accessed by exploiting a vulnerability that makes it possible to move between the different sections of the interface (in fact they are web pages, each with its own alphanumeric address) by brute-forcing the numbers at the end of the address.

Originally, these features were introduced for the convenience of the device's owner and support staff: for example, the quick access lets the Internet service provider solve potential technical problems on the device quickly and easily. But convenience can turn into a risk if an unauthorized person gains access to the device.

How to stay safe in a world of devices connected to the Internet

– Make life harder for potential attackers: apply all the latest security updates and install software updates (so-called firmware) on all of your devices. In this way, you minimize the risk of attacks exploiting known vulnerabilities.

– Be sure to change the default user name and password wherever a login is required: this is the first thing a person trying to attack your device will try.

– Most home routers offer the option of configuring a separate network for each device and restricting access to the device, with the help of several different demilitarized zones (DMZ), which are separate network segments for systems with a higher risk of compromise. For example, if you have a smart TV, you can limit its access and allow it to reach only a specific resource on your network. Not every device needs access to the entire home network.
