HouseCall for Home Networks
Noticed any strange devices connected to your Wi-Fi?
Scan connected devices in your home network for security risks
Scan connected devices for security risksLearn more
Every building—regardless of whether it accommodates enterprises or private owners—has security systems in place to protect valuable assets. These physical security systems range from simple access control, meaning doors and locks, to widespread surveillance systems and multiple alarms. And as these different systems grow more sophisticated, building administrators are finding ways to make managing them more convenient.
Problems with hardcoded credentials are hitting consumer IoT devices, industrial SCADA devices, and even critical infrastructure. Despite the appeal on source code and firmware audition, this type of vulnerability recurs and threatens users’ privacy and data security.
Do you know if your router has turned into a zombie? It could be part of a botnet responsible for the DDoS attacks that have been taking down company websites.
Last year, the Mirai botnet launched massive and widespread attacks by leveraging vulnerable connected devices (including routers, CCTV cameras, DVRs etc.) and turning them into weaponized zombies.
How is it possible for users to lose hundreds of dollars in anomalous online bank transfers when all of their gadgets have security software installed?
Last year, user Y, who is based in Brazil, lost R$600 (US$191.02, as of January 30, 2017) as a side effect of information theft. Upon discovering this, Y immediately called an IT technician to find the root cause. The technician originally chalked up the incident to Y accessing a fake website.
On December 9, security researchers at Carnegie Mellon University warned about a major vulnerability discovered in several popular Netgear routers that could leave thousands of home networking devices exposed to arbitrary command injection. If exploited, hackers could gain full control of these devices and incorporate the compromised device to a botnet.
With more households running smart devices that access the internet, the router is typically their only doorkeeper. And whether an end user has a laptop/desktop and router combo, or a miscellany of other devices connected to the network, the security risks are the same. Based on our research, home routers have been most susceptible to cross-site scripting (XSS) and PHP arbitrary code injection attacks, as well as being involved in carrying out DNS amplification attacks.
Home users and home IoT device manufacturers can minimize the potential risks that come with a smart home. They just have to know where to start. Below are some practical security measures they can apply.
What do you do when the thing that’s supposed to make your life easier starts working against you?
It was April 2015 when a couple from Washington discovered something unsettling. Their three-year-old son had been complaining about an invisible man talking to him at night. They were initially apprehensive about the story until they themselves heard a stranger’s voice come out of the baby monitor they installed in their son’s room.
Who would attack a smart home and why? What would an attacker gain by doing so? Unlike PCs and smartphones, IoT devices—at least those available in the market right now—don't all run on a single operating system.This difference makes it more challenging for interested people to launch attacks on a wide scale. Compromising the security of such devices would also require a bit of knowhow and the right tools.
One day, everything will be buttonless. Nobody will ever need to grab the remote to turn on the television or hit a switch to kill the lights. These devices will just do what they’re supposed to, all by themselves, without any physical prompts from the user. They won’t be set off by claps, or voice commands, or hand gestures in the air.
From October 4 to 7, CEATEC JAPAN 2016 was held at the Makuhari Messe. This year’s theme, “Connecting Society, Creating the Future”, puts the focus on cyber-physical systems (CPS) and the Internet of things (IoT), and how these trends affect current industrial structures, business models, and society. Compared to previous years, the recorded number of attendees—both for exhibitors and registered visitors numbers—greatly increased.
We look at IoT as a system that connects an infinite number of devices to the Internet. This new era of IoT brings the possibility of improving our lives in many different ways like smart homes, smart cities, and smart cars.
Using multiple devices that run on one platform makes life easier for a lot of people. However, if a malware affects one of these devices, the said malware may eventually affect the others, too. This appears to be the case when we came across an Android mobile lock-screen ransomware, known as “FLocker,” that is capable of locking smart TVs as well.
Attacks against home routers have been going around for years—from malware that rigs routers to DNS rebinding attacks and backdoors, among others. Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the victims’ online credentials, such as passwords and PINs.
If you’ve ever been inside an airport, university campus, hospital, government complex, or office building, you’ve probably seen one of HID’s brand of card readers standing guard over a restricted area. HID is one of the world’s largest manufacturers of access control systems and has become a ubiquitous part of many large companies’ physical security posture.