Seen that startling video of a hacked Jeep cruising down an interstate? It definitely serves as a warning sign of the direction of future attacks. Judging by three stories from the top of my weekend newsfeed, hackers are continuing to take advantage of vulnerabilities across a wide variety of devices and appliances:
24 Aug 2015 - A team at Pen-Test Partners discovered a flaw in Samsung’s smart refrigerator that enables man-in-the-middle attacks. This high-tech fridge integrates a user’s Gmail account with its display to present calendar events. The team found that the device does not validate SSL certificates, which opens the opportunity to access the network and monitor activity for the username and password linked to Gmail.
25 Aug 2015 - More than 70 percent of Android phones from LG have a plugin installed that exposes them to the Certifi-gate remote support app vulnerability, where a rogue application can completely take over a device.
26 Aug 2015 - Researchers at the CERT Coordination Center (CERT/CC) at Carnegie Mellon University have discovered that a hard-coded password on Asus and ZTE ADSL routers allows attackers to start a Telnet session to the device and then take full control by gaining administrator rights.
So, yeah, I’m not one to get too excited about a couple of new vulnerabilities found here and there, but still, this was an interesting pattern to follow. In the past, we have become accustomed to discovering accidental flaws and less accidental backdoors enabling attackers to plant malicious segments of code. This practice led to a wide dispersal of Vulnerability Management Services, widely popular to date. Sadly, this was a double-edged sword. On the positive side, we became more patch-aware and our vendors were more motivated to shut their flaws down. On the other hand, legacy flaws and vulnerabilities that are inherent to almost every device we use were swiftly discovered. As of today, most of us are generally either paranoid or oblivious.
So, why should we care again? Mainly because there are simple and applicable steps to mitigate the risk derived from vulnerable devices and appliances. One of the keys to figuring out what is wrong is log data and auditing of the important actions users are taking.
How and where do I collect this data from? Well, that’s something to talk about in future posts…