Internet of Things (IoT) botnets

A440
Posts: 4774
Joined: Sat Nov 20, 2010 1:56 am

Internet of Things (IoT) botnets

Post by A440 » Wed Jul 06, 2016 4:01 am

I found this article from succri that was interesting.
This article describes a botnet made up of CCTV devices that had internet access and was used in a DOS attack:

blog.sucuri.net/2016/06/large-cctv-botnet-leveraged-ddos-attacks.html

Guest

RE: Internet of Things (IoT) botnets

Post by Guest » Wed Jul 06, 2016 3:12 pm

WOW =
Unfortunately, as website owners, there is not much you can do to get those 25,000+ CCTVs fixed and protected. You also can't do much to fix the millions of vulnerable devices on the internet that can be used as botnets and DDoS amplification methods

I am flabbergasted, I thought that by now, these devices were "isolated by default" from the internet, I wish I knew more about the hardware, but I noticed that those who know, tends to overlook the obvious, you may still remember the big problem with the baby monitors being hacked, regardless of how secured a password may be, I would not trust these devices connected to the net, I rather go back in time and use radio connections, there got to a be a better way than the net

Good read

A440
Posts: 4774
Joined: Sat Nov 20, 2010 1:56 am

RE: Internet of Things (IoT) botnets

Post by A440 » Wed Jul 06, 2016 3:45 pm

Yes, this is why I would not buy a smart TV from Samsung or LG; they communicate in the background through the internet and are inherently insecurity.
I encourage everyone to not hook up everything to the internet unless you really have your security down solid!

Guest

RE: Internet of Things (IoT) botnets

Post by Guest » Thu Jul 07, 2016 2:53 am

"Yes, this is why I would not buy a smart TV from Samsung or LG"
4real?
Is there any way to disconnect it?
I like Samsung and I bought a central conditioning for the house, I could not imagine an AC hooked to the net, but I will have to check my front flood lights [solar] .................. This is insane, I hope no one hacks my refrigerator :/
Thanks for the feedback

Apollo702
Posts: 1213
Joined: Thu Sep 12, 2013 4:40 pm

RE: Internet of Things (IoT) botnets

Post by Apollo702 » Thu Jul 07, 2016 5:29 am

There is nearly zero benefit for the consumer to have things like their toaster broadcasting everything you do.

There is significant downside as this very information can and will be used against us in ways that most could not even begin to imagine.

One's best bet is to look for devices which are nice and dumb.

A secondary step is to physically block cameras, sensors and the like. With a desktop it is possible to simply unplug devices such as cameras and mics. On mobile they are imbeded.

A final step is it is possible to buy RF blocking wallets, sleeves and other protective covers. They are available for a growing number of devices- but the downside of the extra privacy/security is some devices such as your phone won't be able to send or receive calls until you remove it.

Those are some simple steps that consumers can take to fight back.

A440
Posts: 4774
Joined: Sat Nov 20, 2010 1:56 am

RE: Internet of Things (IoT) botnets

Post by A440 » Sat Oct 22, 2016 4:05 am

Anything that can be connected to the internet can be a weapon of massive denial or worse.

The Guardian has a current artlcle on this and the reactionary NY Times is bleating about "Hackers Used New Weapons in Attack on U.S. Internet"

CCTV botnets are not new weapons and nor is there a "U.S. Internet" though some companies that use the internet are located in America.This is an editorial distraction.

There appears to be a convergence of devices, dumb users, hackers and sneaky New York Times editors.
I rather like this quote from a Popular Science article:
In the world of hardware hacking, any smart device—a refrigerator, clock, even a wearable fitness monitor—could be weaponized.

Site-rater
Posts: 5882
Joined: Tue Sep 15, 2009 7:48 pm

RE: Internet of Things (IoT) botnets

Post by Site-rater » Sat Oct 22, 2016 3:26 pm

<quote user="a440">
Anything that can be connected to the internet can be a weapon of massive denial or worse.

The Guardian has a current artlcle on this and the reactionary NY Times is bleating about "Hackers Used New Weapons in Attack on U.S. Internet"

CCTV botnets are not new weapons and nor is there a "U.S. Internet" though some companies that use the internet are located in America.This is an editorial distraction.

There appears to be a convergence of devices, dumb users, hackers and sneaky New York Times editors.
I rather like this quote from a Popular Science article:
[/quote]

We just had a major DDOS attack that appears to have originated from IoT devices; there are also news articles suggesting Wikileaks ([url=https://www.mywot.com/en/scorecard/wikileaks.org t=_self]Scorecard[/url]) supporters may be involved in this cyber-terrorist attack.

Why is wikileaks.org rated 94% with very high confidence?

A440
Posts: 4774
Joined: Sat Nov 20, 2010 1:56 am

RE: Internet of Things (IoT) botnets

Post by A440 » Sat Oct 22, 2016 4:26 pm

<quote user="site-rater">
. . . there are also news articles suggesting Wikileaks supporters may be involved in this cyber-terrorist attack.
[/quote]I don't believe that for one moment, especially without proof. Media, especially American media, nowadays is suffering from severe political bias.

Site-rater
Posts: 5882
Joined: Tue Sep 15, 2009 7:48 pm

RE: Internet of Things (IoT) botnets

Post by Site-rater » Sat Oct 22, 2016 5:09 pm

<quote user="a440">
I don't believe that for one moment, especially without proof. Media, especially American media, nowadays is suffering from severe political bias.
[/quote]

No, WikiLeaks admitted it themselves - hXXps://twitter.com/wikileaks/status/789574436219449345

A440
Posts: 4774
Joined: Sat Nov 20, 2010 1:56 am

RE: Internet of Things (IoT) botnets

Post by A440 » Sun Oct 23, 2016 12:26 pm

I still find the envolvement of wikileaks to be unconfirmed. Read that same link for this comment:
Deplorable ‏@1and2andthree Oct 21
@JameyAbercromb1 @vernonkelliott @wikileaks can we have proof...can't trust anyone nowadays.
I would want to see more than a tweet, especially since security agencies, such as the National Intelligence Service in South Korea, released millions of tweets during the last presidential campaign, in favour of the conservative candidate who won.


Anyone can release a "tweet".

Post Reply

Who is online

Users browsing this forum: No registered users and 4 guests