There is a great Wall Street Journal article about how the "internet of things", meaning all the devices that we have own that are now internet connected; Phones, Cameras, Fridges, Thermostats, Cars, etc..., are just the perfect hosts for criminals and state sponsors to hack into your computer or network and steal information, cause irreparable damage to property or even to just flood a server or network with packets to cause downtime (known as a DDOS attack).
An interesting way that these devices are exploited is by hacking their basic software that runs them and then forming a million device army of rogue devices. They then order these devices to attack whatever they want. Recently, a security report showed that "attackers used as many as one million Chinese-made security cameras, digital video recorders and other infected devices to generate webpage requests and data that knocked their targets offline, security experts said. It is unclear whether the attackers had access to video feeds from the devices."
Those affected include French web hosting provider OVH and U.S. security researcher Brian Krebs, whose website was disabled temporarily.
“We need to address this as a clear and present threat not just to censorship but to critical infrastructure,” Mr. Krebs said.
Experts believe that machines without their own screens are less likely to receive fixes designed to protect them. Gadgets ranging from “smart” light-bulbs to internet-connected cars. Wi-Fi routers are a growing source of concern as many manufacturers put the onus on consumers to do the updating.
One of the biggest culprits of infected devices is Chinese technology company Dahua Technology Co. Many of Dahua’s cameras and recorders are used by small businesses for security systems. Level 3, a major internet backbone provider, said H.264 DVRs made by Dahua were especially prevalent, though security researchers said other brands were affected. In some cases the devices weren’t protected with passwords or had generic passwords.
So what can the average consumer do about this threat? Not Much. Just about the only thing you can do that is somewhat effective is keep your devices firmware up to date. This means periodically checking the manufacturers website for patches or updates that you can apply to your devices.
I realize that updating firmware and scanning for malicious network traffic is a little out of the scope of most basic internet users. But what you can do is hire an expert to check out your network and devices for any potential security breach or security hole.
Give us a call today if you would like to discuss how we can help protect you and your devices. 732-477-4005