Share

Cyber attacks: how your devices can be used

Paris, May 21, 2017 (AFP) -The massive global cyber attack that wreaked havoc in computer systems earlier this month caused plenty of visible disruption, not least in Britain's National Health Service.

But in the brave new inter-connected world heralded by the internet of things (IoT), so-called "ransomware" attacks could have as their source something quite mundane and yet present in ever more modern households.

In a not so far-off future, the source of a software glitch with serious consequences for the simple consumer could be anything from a connected coffee machine or refrigerator to a techie toy or an outsmart-you television.

Web-connected gadgets are becoming all the rage with tech-aware professionals.

But the mere idea that it only needs a hacker to give the software a malevolent tweak to send them on the blink with disastrous consequences may yet threaten the development of such goods' popular take-up.

"Regarding last weekend's attack there is no risk for connected objects. That in particular hit systems running Windows ...and today there are no mass market gadgets with Windows loaded in order to function," says Gerome Billois, a consultant with Wavestone.

"In contrast, there have already been massive attacks on connected objects," Billois told AFP.

The Mirai malware strain made from hacked IoT devices including badly secured routers and internet connected cameras recently infected hundreds of thousands of poorly secured connected objects.

The idea was not to stop them from working but to transform them into zombies or botnets with a view to using them as relay stations for future cyber attacks.

Last week at a timely cyber security conference in The Netherlands, American wunderkind Reuben Paul, just 11, stunned an audience of security experts by hacking into a teddy bear via bluetooth to show how interconnected smart toys "can be weaponised".

His prowess showed just how easy it is for tech savvy individuals to use everyday objects to harvest data or use them as spy holes for covert surveillance.

According to documents released in March by Wikileaks, US intelligence can hack smartphones, computers and smart, web-connected TVs, to pilot them and eavesdrop.

"All the other connected objects can be pirated, that has been shown, be it a coffee machine, a refrigerator, a thermostat, electronic entry systems, the lighting system...," warns Loic Guezo, a cyber security analyst for southern Europe with Japanese security software company Trend Micro.

Mikko Hypponen, head of research at Finnish security specialists F-Secure, has for his part come up with his eponymous Hypponen's Law.

This states that "once a device is described as 'intelligent', you can consider it as vulnerable."

Neglected security

The future might well spell connected cars - but they too are subject to potential remote hacking, the consequences of which barely need stating.

When hackers lurking with their laptops have finished conjuring what havoc they might wreak on distant roads there are plenty of other things to which they could turn their attention.

These include vases which tell you when they need fresh water, insulin pumps - or how about sex toys?

So, the worried tech consumer may be asking him or herself - can a cyber hacker deprive me of my morning slug of caffeine?

Or maybe keep my thermostat blocked at 10 Celsius - a chilling thought - or even take over my GPS if I don't hand over a ransom?

Theoretically, yes, specialists tell AFP.

"The logic of a cybercriminal is to make money," says Wavestone's Billois. Such an individual will not feel the need to make do with small-scale attacks.

Connected TVs, having rapidly become widespread, are an ideal portal for making ransom demands.

"Tomorrow, one can imagine devices which attack your connected house, bringing it under control, and then you get sent a message by another channel," muses Guezo.

All that would required would be to perfect the sort of virus one can find on offer within the murky confines of the "darknet", off the beaten track for day to day netizens.

Cyber security specialists are very much aware of the need to keep working on solutions offering protection as more and more homes go "smart" and "connected" with various boxes as add-ons to their usual routers.

The specialists' plan is to work with the makers of connected goods in order to incorporate a security interface right from the start, thereby offering what the profession calls "security by design".

Some experts feel that, in the rush to bring fascinating and cutting edge technologies into the home, the need for commensurate security has been rather left behind.

"It is extremely difficult to calculate the solidity of a connected object in terms of cybersecurity," Billois regrets.

"As a consumer it is today impossible to know if you are buying a secure connected object or not," he adds.

"There's no label such as a made in Europe kind of tag guaranteeing an object won't catch fire, or won't pose a risk to children."

Read Fin24's top stories trending on Twitter:

We live in a world where facts and fiction get blurred
Who we choose to trust can have a profound impact on our lives. Join thousands of devoted South Africans who look to News24 to bring them news they can trust every day. As we celebrate 25 years, become a News24 subscriber as we strive to keep you informed, inspired and empowered.
Join News24 today
heading
description
username
Show Comments ()
Rand - Dollar
18.90
+0.2%
Rand - Pound
23.86
+0.2%
Rand - Euro
20.36
+0.3%
Rand - Aus dollar
12.31
+0.2%
Rand - Yen
0.12
+0.2%
Platinum
908.05
0.0%
Palladium
1,014.94
0.0%
Gold
2,232.75
-0.0%
Silver
24.95
-0.1%
Brent-ruolie
87.00
+1.8%
Top 40
68,346
0.0%
All Share
74,536
0.0%
Resource 10
57,251
0.0%
Industrial 25
103,936
0.0%
Financial 15
16,502
0.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders