Photo: Vesna / Photobank Lori
Computer mice and home routers were among the five potentially dangerous devices from the category of the Internet of things, according to the findings of Russian experts on cyber security
Experts of the Russian company Positive Technologies, specializing in cyber-security (including customer — Ministry of internal Affairs, Ministry of Finance, the Pension Fund of Russia, Rosatom, VTB24, etc.), to identify the most vulnerable devices in the Internet of things. Among them is home routers, DVRs, GPS navigation, wireless keyboard and mouse, and smart devices electricity and water. The analysis took into account how the prevalence of devices and the number of discovered vulnerabilities in them.
Threat mouse and navigation
As told the head of group of development of methods of attack detection Positive Technologies Anton Tyurin, among the analyzed devices of the most vulnerable and, as a consequence, potentially the most dangerous — is routers. The world average monthly detected about ten vulnerabilities in software home Wi-Fi and 3G routers. The problem is that manufacturers do not always release a new version of the software where a vulnerability is fixed, and if you do this, users often do not update it, the expert explained. 87% of home routers that have been tested by experts Positive Technologies, was the discovered vulnerabilities related to the lack of updates. According to specialists, the average age of the firmware on the router average is 3-4 years.
Moreover, users usually do not configure the routers with the requirements of security and continue to use the default settings: passwords about 15 of the 100 devices has never changed, experts say the company. “People do not even think that, in addition to your password to the Wi-Fi network, you must also create a password to the device, which opens access to the settings and the interface of the router. That is, the attacker, taking possession of your password, you will be able to get into your home network and intercept traffic”, — explained Tyurin. According to him, the usernames and default passwords such as “admin: admin”, “admin:0000” or “user: user”, are not changed by the user, and, knowing such a popular combination, it is possible to access every tenth device.
Other vulnerable devices include video cameras and navigators. For the assessment of Positive Technologies, worldwide potentially vulnerable 3.5 million cameras that you can access. The main type of threat from criminals to users Navigator is spoofing (substitution signal). “The danger here is that the signal from the GPS is sent unencrypted, so it is very easy to intercept or to modify,” explained Anton Tyurin.
Wireless computer keyboard and mouse are also easily susceptible to cracking, continues the company’s specialists and set, you can buy online for just 300 rubles. And intercepting the data, for example, from the keyboard, the attacker can steal passwords and other personal data. To carry out such a hacking criminals can, being at a distance of 1 km.
Among five potentially dangerous devices from the Internet of things also get “smart” device of power supply (smart grid). In the course of research the specialists of Positive Technologies have detected that 5% of the 1000 monitoring systems solar power does not require a password for access to settings, the other 95% the password was, but it was very simple (easy to pick). “Bypassing the authentication, an attacker is able to change system settings, which will lead to crash”, — experts warn.
How many devices are in danger
To calculate the actual number exposed to cyber devices from users in Russia, complicated. According to “M. Video” for the year 2016, the number of routers sold was estimated at about 3 million units (including corporate sales), wireless mice and keyboards to 3.7 million units, navigation — about 220 thousand, of video 800 thousand.
According to AC&M, at the end of 2016 in Russia was 10.7 million SIM cards that worked in M2M devices (meters and other machine to machine interaction) and other items from the category of the Internet of things. By the end of 2017, their number should increase to about 15 million units. However, in reality such devices connected to the network, is much higher, as a large portion of them can be connected using other wireless technologies (Wi-Fi, Bluetooth) or by wire, said the representative of AC&M.
Photo: Denis Abramov / Fotoimedia
The phantom menace
According to the Manager of division of standardization and risk management Acronis Yulia Omelchenko, routers, indeed, very vulnerable. If an attacker can hack into it, then he can also retrieve the data files on your computer, because users rarely change the factory settings, use weak passwords and do not update the firmware. “In addition, the hacking of the router leads to the fact that a hacker can intercept the whole traffic, if it’s not encrypted (if the sites do not use secure HTTPS Protocol. — RBC), that is, to see all the web activity of the user which sites he visits, as well as potentially steal passwords or banking data,” says Omelchenko.
In “Kaspersky Lab” also point to the rising number of threats aimed at the Internet of things. “Now the security of embedded systems, at times reminiscent of traditional computing systems in the 1990s — come and get it data. Connected devices are an attractive target for cybercriminals because besides that it is pretty easy to access (many users do not even change the default settings from the manufacturer and rarely install firmware updates), they are also connected to the network 24/7. And that means becoming part of a botnet (a computer network consisting of a certain number of running bots), you can use them at any time of the day or night,” said virus expert “Kaspersky Lab” Denis Legato.
According to Sergey Nikitin, the Deputy head of the laboratory of computer forensics company Group-IB, the majority of “smart” things — it is an ordinary electronic computers running one of the UNIX-like operating systems. “Vulnerabilities in these systems find a regular basis, but the support lifecycle for devices is very small, — said Nikitin. — The result is a paradox. For example, a TV can serve ten years or more, but the firmware that fixes the vulnerability for him, will come out only in the first one or two years. The same can be said about home routers, can work, but safe firmware that corrects all of the latest vulnerability, under them, and there never will be.”
In his opinion, to avoid this, it is necessary to require device manufacturers to release security updates for the entire potential lifespan. “It is desirable to fix it at the legislative level, which, of course, very difficult”, — concluded the expert Group-IB.