There’s a new malware called BrickerBot that permanently disables vulnerable IoT devices by corrupting their storage capability and reconfiguring kernel parameters. Right now, it targets devices with open Telnet ports, but we should assume that future versions will have other infection mechanisms. Slashdot thread. Powered by WPeMatico
Category: internetofthings
Auto Added by WPeMatico
Interesting acoustic attack against the MEMS accelerometers in devices like FitBits. Millions of accelerometers reside inside smartphones, automobiles, medical devices, anti-theft devices, drones, IoT devices, and many other industrial and consumer applications. Our work investigates how analog acoustic injection attacks can damage the digital integrity of the capacitive MEMS accelerometer. Spoofing such sensors with intentional … Read More “Acoustic Attack Against Accelerometers” »
CloudPets are an Internet-connected stuffed animals that allow children and parents to send each other voice messages. Last week, we learned that Spiral Toys had such poor security that it exposed 800,000 customer credentials, and two million audio recordings. As we’ve seen time and time again in the last couple of years, so-called “smart” devices … Read More “IoT Teddy Bear Leaked Personal Audio Recordings” »
Here’s a video interview I did at RSA on the Internet of Things and security. Powered by WPeMatico
This is my talk at the RSA Conference last month. It’s on regulation and the Internet of Things, along the lines of this essay. I am slowly meandering around this as a book topic. It hasn’t quite solidified yet. Powered by WPeMatico
Botnets have existed for at least a decade. As early as 2000, hackers were breaking into computers over the Internet and controlling them en masse from centralized systems. Among other things, the hackers used the combined computing power of these botnets to launch distributed denial-of-service attacks, which flood websites with traffic to take them down. … Read More “Botnets” »
Verizon’s Data Brief Digest 2017 describes an attack against an unnamed university by attackers who hacked a variety of IoT devices and had them spam network targets and slow them down: Analysis of the university firewall identified over 5,000 devices making hundreds of Domain Name Service (DNS) look-ups every 15 minutes, slowing the institution’s entire … Read More “IoT Attack Against a University Network” »
Lately, I have been collecting IoT security and privacy guidelines. Here’s everything I’ve found: “Internet of Things (IoT) Broadband Internet Technical Advisory Group, Broadband Internet Technical Advisory Group, Nov 2016. “IoT Security Guidance,” Open Web Application Security Project (OWASP), May 2016. “Strategic Principles for Securing the Internet of Things (IoT),” US Department of Homeland Security, … Read More “Security and Privacy Guidelines for the Internet of Things” »
Here’s a story about data from a pacemaker being used as evidence in an arson conviction. EDITED TO ADD: Another news article. BoingBoing post. Powered by WPeMatico
Attackers held an Austrian hotel network for ransom, demanding $1,800 in bitcoin to unlock the network. Among other things, the locked network wouldn’t allow any of the guests to open their hotel room doors. I expect IoT ransomware to become a major area of crime in the next few years. How long before we see … Read More “IoT Ransomware against Austrian Hotel” »