
Infected Vending Machines And Light Bulbs DDoS A University


humble3d





Opinions expressed by Forbes Contributors are their own.


IoT devices have become a favorite weapon of cybercriminals.


Their generally substandard security -- and the sheer numbers of connected devices -- make them an enticing target.


We've seen what a massive IoT botnet is capable of doing, but even a relatively small one can cause a significant amount of trouble.


A few thousand infected IoT devices can cut a university off from the Internet, according to an incident that the Verizon RISK (Research, Investigations, Solutions and Knowledge) team was asked to assist with.


All the attacker had to do was re-program the devices so they would periodically try to connect to seafood-related websites.


How can that simple act grind Internet access to a halt across an entire university network?


By training around 5,000 devices to send DNS queries simultaneously (for those who aren't familiar, DNS is what allows your computer to turn a name like Forbes DOT com into an IP address that it can connect to).


In this particular case, those devices included everything from drink vending machines to street lamps.


All it takes for something like this to happen is for a single device to be exposed to attack.


Once one has been compromised, that device starts scanning for other vulnerable devices inside the network.


As they're infected, the malware changes the admin passwords on the devices.


That makes it harder to remove the infection.


Fortunately in this case, the university's IT staff were able to track down all the new passwords.


Whoever deployed this particular malware didn't bother to encrypt them.


They were transmitted as clear text, which allowed staff to intercept them with a packet-sniffing app.


Once they had a complete list, they were able to program a fix -- a sort of automated antidote that reset passwords and broke the devices free from the botnet's grasp.


They're determined "never to have a repeat incident," and hopefully other institutions will take a proactive approach after reading about their experience.


 

https://www.forbes.com/sites/stevenbertoni/2017/02/14/tinders-sean-rad-on-how-technology-and-artificial-intelligence-will-change-dating/#5f2342f65b99
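
One way a defender could spot the pattern the article describes (many devices on an IoT segment resolving the same name within the same short window) from resolver query logs. This is an added example, not part of the original post or of the Verizon report; the log format, the 10.20.0.0/16 IoT subnet, the thresholds and the domain names are constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timezone

# Assumed segment holding IoT gear (vending machines, lamps); adjust to your network.
IOT_NET = ipaddress.ip_network("10.20.0.0/16")
WINDOW_SECONDS = 60   # bucket size used to decide what counts as "simultaneous"
MIN_CLIENTS = 3       # distinct IoT clients per name per window (tiny, for the sample)

# Constructed resolver log lines: "<ISO timestamp, treated as UTC> <client IP> <query name>"
SAMPLE_LOG = """\
2017-02-01T03:00:01 10.20.1.11 shrimp-market.example.
2017-02-01T03:00:02 10.20.1.12 shrimp-market.example.
2017-02-01T03:00:02 10.20.7.40 shrimp-market.example.
2017-02-01T03:00:03 10.20.9.5 shrimp-market.example.
2017-02-01T03:00:04 10.30.2.8 shrimp-market.example.
2017-02-01T03:00:05 10.20.1.11 ntp.vendor.example.
2017-02-01T03:05:01 10.20.1.11 shrimp-market.example.
2017-02-01T03:05:02 10.20.1.12 Shrimp-Market.example
not a log line
"""

def parse(line):
    """Return (epoch_seconds, ip, normalised qname), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 3:
        return None
    try:
        ts = datetime.fromisoformat(parts[0]).replace(tzinfo=timezone.utc).timestamp()
        ip = ipaddress.ip_address(parts[1])
    except ValueError:
        return None
    return int(ts), ip, parts[2].rstrip(".").lower()

def synchronized_bursts(log_text, min_clients=MIN_CLIENTS):
    """Map (window_start, qname) -> IoT clients, where many clients asked at once."""
    seen = defaultdict(set)   # (window_start, qname) -> set of client IPs
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec[1] not in IOT_NET:
            continue          # skip junk lines and clients outside the IoT segment
        ts, ip, qname = rec
        seen[(ts - ts % WINDOW_SECONDS, qname)].add(str(ip))
    return {k: sorted(v) for k, v in seen.items() if len(v) >= min_clients}

if __name__ == "__main__":
    for (window, qname), clients in sorted(synchronized_bursts(SAMPLE_LOG).items()):
        print(datetime.fromtimestamp(window, timezone.utc).isoformat(), qname, clients)
```

The client list returned for each burst doubles as a starting inventory of devices to isolate and reset.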

 
