viernes, 23 octubre 2020
Visitas totales a la web: 86117004

El portal de los profesionales de seguridad y emergencias

Nº 1 del mundo en español en seguridad global

Soluciones de seguridad global

Smart Device Hacks Are Up Since the Pandemic Started

Alia Malik

Cybersecurity researchers say smart devices are playing an increasing role in attacks against organizations. With many working remotely, unsecured smart devices offer an unprecedented vector for attack.

As the coronavirus pandemic spread this year, brilliant colored dots proliferated across an interactive map on a big screen in a University of Texas at San Antonio lab.

They were tracking infections of the cyber variety, which were spreading wildly too — in “smart devices” such as security cameras, thermostats, digital video recorders and baby monitors.

Attacks on objects, other than computers, that connect to the Internet more than doubled compared to the months before the pandemic emerged, according to research led by Elias Bou-Harb, associate director of the Cyber Center for Security and Analytics at UTSA’s business school.

Experts believe nine out of 10 smart devices send unencrypted information across the Internet. The swelling number of people working from home provides an ideal environment for hackers, who can jump from smart devices to machines that log into organizations’ networks, Bou-Harb said.

“The devices are being pushed to the market with little security in mind,” he said. “They’re vulnerable to basic attacks.”

Bou-Harb and a team of researchers have been analyzing network traffic worldwide. On any given day, they can see hundreds, if not thousands, of undetected hacks in smart devices in the United States alone.

Now UTSA’s Cyber Center is improving on its database with the goal of detecting smart device hacks in real time and notifying organizations or Internet service providers of vulnerabilities. That system could be operational by the end of the year, Bou-Harb said.

The researchers are also building infrastructure to narrow their findings to smaller geographic areas, such as San Antonio, Austin or Houston, for the public.

“I’m really looking forward to having our system where we can start making an impact on cybersecurity here in San Antonio, and in the United States and all over,” Bou-Harb said.

UTSA’s Cyber Center leverages data from the U.S. Department of Homeland Security and the University of California San Diego, which together built a “network telescope” that uses sensors to capture a large sample of malicious traffic — 100 gigabytes per hour. But UTSA’s center is unique in using the data to analyze attacks on smart devices, while most other cybersecurity experts use it to address computer hacks, Bou-Harb said.

Once the cybersecurity center had the network telescope data, researchers used it to map hacks using different colored dots, with red circles indicating the greatest volume of malicious activity. Morteza Safaei Pour, a doctoral student, has been working on the map for more than two years.

The goal is for average people to see and understand the data, said Nicole Beebe, the center’s director.

Some hacks on smart devices are sponsored by foreign governments that use botnets, or networks that run orchestrated malicious scripts, compromising thousands of devices daily, Bou-Harb said. A few such campaigns targeted smart devices in the medical sector, he said. Smart devices can also be infected in water, power and manufacturing facilities.

Attacks on medical devices more than doubled worldwide during the pandemic, Bou-Harb said. The researchers found exploited devices in at least 72 hospitals and clinics around the world, including at least six in the United States. In one case, a medical imaging device in an operating room was compromised, Bou-Harb said.

“That device could continue to function normally, but at any time, the operator could tell the device to malfunction,” he said.

Bou-Harb’s project has received a National Science Foundation grant to continue until 2022 and possibly longer. His team of a half-dozen researchers collaborates with a handful of others in Canada.

Through federal funding, they acquired servers to run a smaller amount of data at UTSA. In an innovative method, they taught machines to identify patterns in network traffic that flag compromised devices, Bou-Harb said. Then they can scan to get identifying information about the hacked devices and log their findings in a database.

When the system is complete, they will be able to notify consumers, organizations or service providers such as Comcast or Spectrum if smart devices on their networks have been hacked, Bou-Harb said.

The lab is working on ways to determine how devices were compromised and how to fix vulnerabilities remotely. But Bou-Harb also wants to teach the public about heightened risks that come with smart devices and about basic protection strategies, such as restarting the equipment and updating servers.

“We would like the non-technical society to be aware not to adopt these technical devices blindly,” he said. “Keep an eye on your devices.”

Fecha de publicaciónseptiembre 11, 2020

BELT.ES no se hace responsable de las opiniones de los artículos reproducidos en nuestra Revista de Prensa, ni hace necesariamente suyas las opiniones y criterios expresados. La difusión de la información reproducida se realiza sin fines comerciales. 

Listado de Expertos

Recomendado

Profesión militar: Obediencia debida frente a la obligación de disentir

Con ocasión de la realización de estudios en el Instituto Universitario Gutiérrez Mellado tuve la ocasión de leer y analizar una serie de documentos de opinión que trataban en profundidad las diferentes facetas presentes en el campo de las relaciones cívico-militares; temas que , habitualmente, no han estado presentes en los diferentes cursos y actividades formativas en la enseñanza militar, ni, por supuesto, en la civil.

El paracaidista español que humilló a los «temibles» espías soviéticos

Joaquín Madolell, natural de Melilla y militar del Ejército del Aire, desarticuló la mayor red del espionaje...

Mascarillas falsas llenan tiendas y farmacias: cómo saber si la tuya lo es y qué riesgo tienen

Higiénicas, quirúrgicas, FFP... Estos términos hace dos meses no nos sonaban de casi nada a la mayor parte de los ciudadanos, y menos si nos decían que esto tenía algo que ver con mascarillas.

Últimas noticias

El Ejército quiere descongestionar Madrid y llevar bases a la España vaciada

Los planes para trasladar un regimiento a Zamora y otro a Burgos o crear un gran centro logístico tropiezan con la falta de financiación.

El Día de las Fuerzas Armadas 2020, que finalmente tuvo que suspenderse debido a la pandemia de coronavirus, estaba previsto el pasado 30 de mayo en Huesca. El Ministerio de Defensa eligió esta ciudad para exhibir el éxito de una operación sin precedentes: el traslado del Cuartel General de la División Castillejos desde Madrid al Prepirineo aragonés.<

Pilar Mañas, primera jefa de unidad del Aire, en el 12-O: “En el Ejército no hay techos de cristal”

Comandante del Ejército del Aire: "Este 12 de octubre estaremos ahí con todo. Es el día de la Fiesta Nacional y estaremos apoyando...

7 requisitos para que una mascarilla proteja una jornada laboral de 8 horas

Según la guía de buenas prácticas en los centros de trabajo, publicada por el Ministerio de Sanidad, “no es imprescindible usar mascarilla...

Detienen en España a John McAfee, el excéntrico millonario pionero de los antivirus

John McAfee, el creador del famoso antivirus que lleva su apellido, fue arrestado este fin de semana en la ciudad de Barcelona,...

DIRECTRICES DE BUENAS PRÁCTICAS EN CENTROS LOGÍSTICOS Y ALMACENES

En este documento se recoge una selección no exhaustiva de recomendaciones y medidas de contención adecuadas para garantizar la protección de la salud de los trabajadores frente a la exposición al coronavirus SARS-CoV-2 en los centros logísticos y almacenes. Con carácter más general deben considerarse también las recomendaciones para la vuelta al trabajo recogidas en el documento “Buenas prácticas en los centros de trabajo.