Poor Security Exploited: Could Your Devices Be In Danger?
The concept of a web search engine is nothing new to the society in which we live. The first Internet search engines go back as far as the early 1990's, and have evolved into what they are today: software code that is designed to find user input string on the world wide web.
While we think of common search engines, like Google and Bing, as useful and friendly resources there are less common search engines that can be used to cause harm and exploit poor security. Specifically, the search engine Shodan searches the "back channels" of the world wide web. The search provides data about devices linked to the Internet, such as traffic cameras, printers, web cameras and routers.
A simple search can pick up on nearly any device connected to the Internet. Several demonstrations of the search have been performed, and it has been around for approximately three years. Searches using Shodan have presented results that include command and control systems for nuclear power plants, car washes, gas stations, water parks and even garage doors. During a cyber security conference, a penetration tester demonstrated how Shodan could find an entire city's traffic control system and put it in "test mode" with a single command entry. More commonly, typing "default password" or "admin" into the search will bring up several devices that use default user name and password settings.
While the site has only recently gained popularity and attention from people outside of cyber security, specialists and testers have been using Shodan and similar databases to help identify and strengthen potential security failures.
So how does a device end up on Shodan?
It is common that companies (and individuals) will invest in systems that will allow them to control certain devices and settings remotely using a computer. Most of the time, the devices are inadvertently shared on the Internet, and with proper risk management, this can be avoided. One subtle thing that can be done to avoid the exploitation of said devices is to have a dedicated web server, and only plug necessary devices into that web server. This is a mistake that several people can make, and unknowingly share their devices via web. Another subtle thing companies (and individuals) can do is to avoid using default user names and passwords. While not changing these settings may be convenient at first, you may regret it if the wrong person gains access your device.
Presently, Shodan is most commonly used by law enforcement, cyber security processionals, and for academic purposes. But since the search engine made CNN news on Monday, it is likely that a different group of users may be drawn to the system. With that said, be smart. Protect your data and your devices.
While we think of common search engines, like Google and Bing, as useful and friendly resources there are less common search engines that can be used to cause harm and exploit poor security. Specifically, the search engine Shodan searches the "back channels" of the world wide web. The search provides data about devices linked to the Internet, such as traffic cameras, printers, web cameras and routers.
A simple search can pick up on nearly any device connected to the Internet. Several demonstrations of the search have been performed, and it has been around for approximately three years. Searches using Shodan have presented results that include command and control systems for nuclear power plants, car washes, gas stations, water parks and even garage doors. During a cyber security conference, a penetration tester demonstrated how Shodan could find an entire city's traffic control system and put it in "test mode" with a single command entry. More commonly, typing "default password" or "admin" into the search will bring up several devices that use default user name and password settings.
While the site has only recently gained popularity and attention from people outside of cyber security, specialists and testers have been using Shodan and similar databases to help identify and strengthen potential security failures.
So how does a device end up on Shodan?
It is common that companies (and individuals) will invest in systems that will allow them to control certain devices and settings remotely using a computer. Most of the time, the devices are inadvertently shared on the Internet, and with proper risk management, this can be avoided. One subtle thing that can be done to avoid the exploitation of said devices is to have a dedicated web server, and only plug necessary devices into that web server. This is a mistake that several people can make, and unknowingly share their devices via web. Another subtle thing companies (and individuals) can do is to avoid using default user names and passwords. While not changing these settings may be convenient at first, you may regret it if the wrong person gains access your device.
Presently, Shodan is most commonly used by law enforcement, cyber security processionals, and for academic purposes. But since the search engine made CNN news on Monday, it is likely that a different group of users may be drawn to the system. With that said, be smart. Protect your data and your devices.
Comments
Post a Comment