CALL US: 216-397-4080  | CLIENT HELP DESK: 216-539-3686

Hand Wringing

Hand Wringing

Riverbank Ruminations; Observations from The Banks of The Technology River

Tom Evans ~  Ashton Engineer Emeritus

 Sometimes when people think about a dystopian future, they think about robots taking over, like this member of the Facebook community.  There is the fear that as robots get more intelligent and gain more abilities, they will eventually surpass humans in ability and take over ruling the earth. There is a series on Fox titled Next about an AI (artificial intelligence) that escapes into the world after bribing a human technician to give it access to the internet. It starts making things, and bad things happen. While humanity’s nemesis seems to have evil intent, it uses tactics that can be used by bad humans today; hacking cars and other devices to cause mayhem and protect itself.

Only time will tell how close to reality that program will come. What IS happening now is that things we are using to make life better (or at least more convenient) are regularly being subverted to our detriment. Back in February, I wrote about the issues with Ring products and security issues that they were dealing with. One of the hacking events allowed an outsider to talk to children in the house. Things have not gotten any better. Ring is not in the spotlight now but IoT (Internet of Things) devices continue to be a source of truly bad things.

This of course is not news, and I see nothing happening to change the direction things are heading. It brings to mind this quote:

“There are occasions when a moralising novelist can merely wring his hands and leave matters to take their course.”
― H.G. Wells, The Wheels of Chance: A Bicycling Idyll

Hand wringing is not very productive. What is productive is to educate ourselves on the need for security when it comes to IoT devices. Each passing day brings to market more devices that connect to the internet. As these are consumer devices, for the most part, cost trumps security. The result of that thinking leads to data like that mentioned in this article:

  • The volume of infected Internet of Things (IoT) devices globally has soared by 100% over the past year, according to new data from Nokia.
  • The telecom equipment maker’s Threat Intelligence Report 2020 is compiled from data processed by service providers using its NetGuard Endpoint Security tool.
  • It revealed that infected IoT devices now comprise nearly a third (32.7%) of the total, up from 16.2% in the 2019 report.
  • With the introduction of 5G well underway, it is expected that not only the number of IoT devices will increase dramatically, but also the share of IoT devices accessible directly from the internet will increase as well.

The consequences of this upsurge of infected devices are highlighted in this article offering some details on a group that sells access to compromised home security cameras. Like most compromises, this is being monetized by the hackers.

 

  • (The group is) reportedly offering access to the camera footage for a one-off subscription fee of $150 and claims to have already shared over 3TB of clips with scores of members. A 700MB sample featuring around 4000 videos and stills is reportedly available for free.
  • As well as existing video clips, the group is apparently claiming to have a list of over 50,000 cameras on its files which VIP members can “explore, watch live and even record.
  • The clips are said to feature victims in compromising positions, including breastfeeding mothers and even school children. It’s most likely that they are taken from the IP security cameras now commonplace in many smart homes.

Businesses need to be aware that with so many workers at home, these compromised devices are in a position to infiltrate your business network via your work-from-home employee. If you don’t have control over your employee’s home network, you are at risk. This article mentions a somewhat humorous ransomware proof of concept attack on a coffee maker. The article also offers the reminder:

And those IoT systems can extend far beyond caffeine delivery. While the infamous Target attack of 2013 took criminals from an HVAC contractor to Target’s customer database, modern converged IT/OT systems can easily see lateral movement in the other direction.

Since I am pretty much an observer from the riverbank, watching things happen in technology, I can only wring my hands hopefully. If you have a business, you need to do much more. Get educated about IoT devices, on or off your network. Educate your employees about the need to be security conscious at home, even with devices that are not work-related. The result of ignoring the state of IoT devices will be hand wringing over a disaster.  Call Ashton at 216 397-4080 to learn more.

 

 

 

Related Posts