Deprecated: Function create_function() is deprecated in /home/hidefide/public_html/blog/wp-content/plugins/wr-pagebuilder/core/core.php on line 127
{"id":721,"date":"2018-06-19T17:07:32","date_gmt":"2018-06-19T17:07:32","guid":{"rendered":"https:\/\/icaruspressblog.wordpress.com\/?p=721"},"modified":"2019-04-17T11:02:58","modified_gmt":"2019-04-17T11:02:58","slug":"rise-of-the-machines-a-botnet-that-can-dispense-ice","status":"publish","type":"post","link":"https:\/\/hidefideas.com\/blog\/2018\/06\/19\/rise-of-the-machines-a-botnet-that-can-dispense-ice\/","title":{"rendered":"Rise of the Machines: A Botnet that can Dispense Ice?"},"content":{"rendered":"

$\"terminator-exoskeleton\"$
\nIt\u2019s finally happened.<\/p>\n

And if people around the office think your name is \u2018that creepy guy from IT,\u2019 or if you\u2019ve gotten numerous strange looks while trying to explain to people that the mythos behind Terminator<\/em> is not only plausible, but it is, in fact, inevitable, then this story is for you. And it\u2019s far too cool for school. Literally.<\/p>\n

You see, it\u2019s common knowledge that the growing glut of connected devices is as much of a threat as it is a boon, but while bring your own device (BYoD) has represented a new headache for many IT admins, most of us probably tend to forget that tablets and smartphones are only part of the equation. The modern home is becoming a self-actualized network of security devices, thermostats, light switches, set-top boxes, TVs and refrigerators, and they all have an IP address and a connection to the WorldWide Web. And while we spend a great deal of time ensuring that our PCs and mobile devices are secure, we tend to be at a disadvantage when it comes to the aforementioned net appliances.<\/p>\n

All that cool stuff that came out of the Terminator<\/em> movies is sounding a wee bit more eerie this week, after a report from security firm Proofpoint<\/a>, and it sheds a whole new light on what the future might have in store for us. And no, I\u2019m not suggesting that Cyberdyne Systems will bring Skynet online, effecting a massive revolt of self-aware systems and the ultimate near-demise of humanity. Skynet already went online<\/a> on August 4, 1997 and it hasn\u2019t happened, so duh. But a massive cyber attack at the beginning of 2014 should have people worried about the gaping security hole that appears to have graduated from speculation to reality.<\/p>\n

Proofpoint has identified that attack as coming in part from the Internet of Things (IoT), an interesting phrase that will undoubtedly grow legs in the coming years. \u201cIn January 2014, Proofpoint researchers discovered proof of a much-theorized but never before seen Internet of Things (IoT) cyber-attack. Proofpoint has observed what we believe to be an industry first of devices, including some home appliances (TVs, a refrigerator), sending malicious email spam.\u201d<\/p>\n

The researchers at Proofpoint were analyzing email threats when they observed the attack, comprised of more than 750,000 malicious emails. And what made it particularly weird was that more than 25 percent of the zombie computers contributing to the attack were not your daddy\u2019s laptop, and they weren\u2019t the iPhone sitting on your desk. They were things, and Proofpoint is calling it a \u2018Thingbot-net.\u2019 Between December 23^{rd<\/sup> and January 6^{th<\/sup>, Proofpoint discovered, there were three campaigns a day, with each campaign delivering approximately 100,000 spam emails, and of the more than 450,000 unique IP addresses, Proofpoint notes, more than 100,000 were from Thingbots.<\/p>\n}}

Do you want ice with that?<\/h2>\n
Proofpoint dug into the data and found that \u201cwhile the majority of mail was initiated by \u201cexpected\u201d IoT devices such as compromised home-networking devices (routers, NAS), there was a significant percentage of attack mail coming from other non-traditional sources, such as connected multi-media centers, televisions and at least one refrigerator.\u201d In addition, the firm found:<\/p>\n
\n
A vast number of the devices are running embedded linux servers (usually busybox)<\/li>\n
Some use mini-httpd, some apache<\/li>\n
Some are ARM devices, some are MIPS (or something very similar) others are based on an embedded Realtek chipset (for example, media players)<\/li>\n
Some are believed to be game consoles<\/li>\n
Some are NAS devices (one specific brand has open telnet, open ssh and an SMTP server – all unsecurable)<\/li>\n
Some set-top boxes were also seen as exploited<\/li>\n<\/ul>\n
Now if this doesn\u2019t have you searching for your Terminator Blu-ray collection (maybe you can write it off as business research), we don\u2019t know what will. \u201cThis proof of a systematic compromise of IoT devices and its subsequent use of those Thingbots to further attack other networks is something we\u2019ve never seen before.\u201d And the discovery certainly has some chilling implications. \u201cThis suggests an unfortunate future for both home users and enterprises, the latter of whom now faces an even larger volume of malicious attack capacity.\u201d<\/p>\n
In many ways, this was inevitable. Who among us, especially the tech savvy, don\u2019t have a growing network of connected devices in our homes? And how exactly can we lock them down? We can use gateway-level MAC and IP blocking, but that\u2019s not always practical if you need to take advantage of a device\u2019s features.<\/p>\n
At very least, you may want to cripple your refrigerator\u2019s SMTP.<\/p>\n","protected":false},"excerpt":{"rendered":"
It\u2019s finally happened. And if people around the office think your name is \u2018that creepy guy from IT,\u2019 or if you\u2019ve gotten numerous strange looks… <\/p>\n","protected":false},"author":3,"featured_media":715,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,14],"tags":[11,9,10,8,7],"class_list":["post-721","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-spam","tag-allspammedup","tag-bot","tag-botnet","tag-malware","tag-spam","jsn-master"],"_links":{"self":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/721","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/comments?post=721"}],"version-history":[{"count":2,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/721\/revisions"}],"predecessor-version":[{"id":1716,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/posts\/721\/revisions\/1716"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media\/715"}],"wp:attachment":[{"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/media?parent=721"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/categories?post=721"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hidefideas.com\/blog\/wp-json\/wp\/v2\/tags?post=721"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}