sábado, 27 febrero 2021
Visitas totales a la web: 86375061

El portal de los profesionales de seguridad y emergencias

Nº 1 del mundo en español en seguridad global

Soluciones de seguridad global

Smart Device Hacks Are Up Since the Pandemic Started

Alia Malik

Cybersecurity researchers say smart devices are playing an increasing role in attacks against organizations. With many working remotely, unsecured smart devices offer an unprecedented vector for attack.

As the coronavirus pandemic spread this year, brilliant colored dots proliferated across an interactive map on a big screen in a University of Texas at San Antonio lab.

They were tracking infections of the cyber variety, which were spreading wildly too — in “smart devices” such as security cameras, thermostats, digital video recorders and baby monitors.

Attacks on objects, other than computers, that connect to the Internet more than doubled compared to the months before the pandemic emerged, according to research led by Elias Bou-Harb, associate director of the Cyber Center for Security and Analytics at UTSA’s business school.

Experts believe nine out of 10 smart devices send unencrypted information across the Internet. The swelling number of people working from home provides an ideal environment for hackers, who can jump from smart devices to machines that log into organizations’ networks, Bou-Harb said.

“The devices are being pushed to the market with little security in mind,” he said. “They’re vulnerable to basic attacks.”

Bou-Harb and a team of researchers have been analyzing network traffic worldwide. On any given day, they can see hundreds, if not thousands, of undetected hacks in smart devices in the United States alone.

Now UTSA’s Cyber Center is improving on its database with the goal of detecting smart device hacks in real time and notifying organizations or Internet service providers of vulnerabilities. That system could be operational by the end of the year, Bou-Harb said.

The researchers are also building infrastructure to narrow their findings to smaller geographic areas, such as San Antonio, Austin or Houston, for the public.

“I’m really looking forward to having our system where we can start making an impact on cybersecurity here in San Antonio, and in the United States and all over,” Bou-Harb said.

UTSA’s Cyber Center leverages data from the U.S. Department of Homeland Security and the University of California San Diego, which together built a “network telescope” that uses sensors to capture a large sample of malicious traffic — 100 gigabytes per hour. But UTSA’s center is unique in using the data to analyze attacks on smart devices, while most other cybersecurity experts use it to address computer hacks, Bou-Harb said.

Once the cybersecurity center had the network telescope data, researchers used it to map hacks using different colored dots, with red circles indicating the greatest volume of malicious activity. Morteza Safaei Pour, a doctoral student, has been working on the map for more than two years.

The goal is for average people to see and understand the data, said Nicole Beebe, the center’s director.

Some hacks on smart devices are sponsored by foreign governments that use botnets, or networks that run orchestrated malicious scripts, compromising thousands of devices daily, Bou-Harb said. A few such campaigns targeted smart devices in the medical sector, he said. Smart devices can also be infected in water, power and manufacturing facilities.

Attacks on medical devices more than doubled worldwide during the pandemic, Bou-Harb said. The researchers found exploited devices in at least 72 hospitals and clinics around the world, including at least six in the United States. In one case, a medical imaging device in an operating room was compromised, Bou-Harb said.

“That device could continue to function normally, but at any time, the operator could tell the device to malfunction,” he said.

Bou-Harb’s project has received a National Science Foundation grant to continue until 2022 and possibly longer. His team of a half-dozen researchers collaborates with a handful of others in Canada.

Through federal funding, they acquired servers to run a smaller amount of data at UTSA. In an innovative method, they taught machines to identify patterns in network traffic that flag compromised devices, Bou-Harb said. Then they can scan to get identifying information about the hacked devices and log their findings in a database.

When the system is complete, they will be able to notify consumers, organizations or service providers such as Comcast or Spectrum if smart devices on their networks have been hacked, Bou-Harb said.

The lab is working on ways to determine how devices were compromised and how to fix vulnerabilities remotely. But Bou-Harb also wants to teach the public about heightened risks that come with smart devices and about basic protection strategies, such as restarting the equipment and updating servers.

“We would like the non-technical society to be aware not to adopt these technical devices blindly,” he said. “Keep an eye on your devices.”

Fecha de publicaciónseptiembre 11, 2020

BELT.ES no se hace responsable de las opiniones de los artículos reproducidos en nuestra Revista de Prensa, ni hace necesariamente suyas las opiniones y criterios expresados. La difusión de la información reproducida se realiza sin fines comerciales. 

Listado de Expertos

Recomendado

Profesión militar: Obediencia debida frente a la obligación de disentir

Con ocasión de la realización de estudios en el Instituto Universitario Gutiérrez Mellado tuve la ocasión de leer y analizar una serie de documentos de opinión que trataban en profundidad las diferentes facetas presentes en el campo de las relaciones cívico-militares; temas que , habitualmente, no han estado presentes en los diferentes cursos y actividades formativas en la enseñanza militar, ni, por supuesto, en la civil.

El paracaidista español que humilló a los «temibles» espías soviéticos

Joaquín Madolell, natural de Melilla y militar del Ejército del Aire, desarticuló la mayor red del espionaje...

El amor de Macarena Olona por la Guardia Civil empieza por su pareja, un joven oficial condecorado

El padre de su hijo llegó a la Benemérita como militar de carrera y, los que le...

Últimas noticias

La mortífera táctica sorpresa de los Tercios españoles para acabar con sus enemigos

La encamisada, una operación especial de alto riesgo, consistía en infiltrarse en el cuartel enemigo por la...

‘Mi mochila de emergencias’ (consejos de supervivencia para madrileños)

Si no estuviéramos en 2021, este kit apocalíptico sonaría a broma. Pero no están las cosas últimamente por la capital para pasar...

Drones y bombas que ‘hablan’: la IA es la gran revolución militar, y nadie está al mando

El camino por recorrer con estas tecnologías es largo, pero se avanza a velocidad de vértigo. Hay proyectos en varios puntos del...

Estrategia Nacional Contra el Terrorismo. 2019

Resumen Ejecutivo Este documento nace de la voluntad de constituirse en el marco político estratégico en la lucha contra...

Remote Workers Admit Lack of Security Training

A third of remote working employees have not received security training in the last six months. According to a...