- The Washington Times - Monday, October 24, 2016

Technology companies, security specialists and the Department of Homeland Security are taking steps to protect against another massive cyberattack like the one that hampered access to popular websites Friday after hackers hijacked millions of digital devices.

A Chinese technology company whose infected devices were among those used to launch the cyberattack will recall some of its products, including security cameras. Hangzhou Xiongmai Technology will recall products sold in the U.S. after security researchers identified its products as among those used by the hackers, The Guardian reported Monday.

The attack targeted Dyn, an internet infrastructure company that provides traffic management for websites. The company was hit with distributed denial of service (DDoS) attacks, which flood servers with junk traffic that slow their operations.

The attack caused connection issues for East Coast internet users, making it difficult to access popular websites such as Twitter, Spotify, Netflix and Amazon. Officials from Dyn called it “a sophisticated, highly distributed attack involving tens of millions of IP addresses.”

The Homeland Security Department, which is investigating the attack with the FBI, said the hackers used malware that exploits security vulnerabilities in devices that connect to the internet — such as surveillance cameras, entertainment systems and routers.

The ever-growing category of interconnected products and devices are commonly referred to as the “internet of things.” Hackers using malicious software scour the internet for such electronics and attempt to compromise them by using their default factory-set passwords.

Homeland Security Secretary Jeh Johnson said Monday that investigators are working with the private sector and research community to develop ways to mitigate further attacks.

“The department has also been working to develop a set of strategic principles for securing the internet of things, which we plan to release in the coming weeks,” Mr. Johnson said.

Hangzhou Xiongmai blamed the hack of its products on users who failed to change default passwords on their devices. The company told The Guardian that its products are well-protected from cybersecurity breaches.

“Security issues are a problem facing all mankind. Since industry giants have experienced them, Xiongmai is not afraid to experience them once, too,” the company said.

A spokesperson from Hangzhou Xiongmai did not respond to emails seeking comment.

Cybersecurity investigator Brian Krebs wrote in an analysis of the DDoS attack that many mass-produced digital devices such as those made by Hangzhou Xiongmai “are essentially unfixable, and will remain a danger to others unless and until they are completely unplugged from the internet.”

Although “users could change the default credentials in the devices’ Web-based administration panel, the password is hardcoded into the device firmware and the tools needed to disable it aren’t present,” he wrote.

“These insecure [internet of things] devices are going to stick around like a bad rash — unless and until there is a major, global effort to recall and remove vulnerable systems from the internet,” Mr. Krebs wrote in his blog, Krebs on Security.

Zach Wikholm, a research developer with the security firm Flashpoint, said an estimated 500,000 Hangzhou Xiongmai devices are believed to be vulnerable to such attacks.

It may be impossible to prevent all such attacks, he said, but consumers and manufacturers can take steps to prevent devices from being left vulnerable to infiltration. Consumers have to be proactive in researching devices they purchase and making sure to password protect and upgrade those devices.

“The majority of devices are relatively simple to update, but the devices that are problematic are the ones where it is not simple to figure it out,” he said.

Manufacturers need to take the next step to recall or redesign devices that make it impossible or difficult to upgrade and secure.

While it remains unknown exactly who was behind the cyberattack against Dyn, security analysts hope that the publicity generated by the hack will prompt manufacturers and consumers to take internet security more seriously.

“It may be out of this attack that we can take from it, let’s move forward,” Mr. Wikholm said.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide