Hacking into a smart house.

Smart home appliances are highly specialized devices. A smart outlet or thermostat obviously doesn’t need a powerful processor, and the amount of memory is usually measured in kilobytes.

Accordingly, you cannot install an antivirus on such a device, and a firewall or other device-level protection is unlikely to be implemented either.

The second problem is passwords. Many IP cameras and other gadgets come with standard passwords. The manufacturer, of course, asks you to change them. Do you think many people do? Even specialists sometimes forget about it. Or they are just lazy.

Finally, attackers crack the control center. Its functions can be performed by a smartphone, tablet, smart TV or refrigerator (in fact, a regular refrigerator plus a built-in tablet). Accordingly, anyone who gains access to the control center can pull any data out of the system.

Is any smart gadget dangerous?

People’s favorite, Hikvision, and its cameras are hacked in one go.

The minimal damage from a smart home break-in is that scammers use your Internet connection for free. There’s more: interception of data from the network, including logins, passwords and so on. Sensitive information is usually encrypted by browsers and smartphones, but vulnerabilities are everywhere.

The smarter the home, the closer the consequences of a break-in come to an apocalypse. If everything in your home is smart, from doors and windows to thermostats, lighting and water heaters, a break-in can be really life-threatening.

A simple example: Samantha and Lamont Westmoreland of Milwaukee, Wisconsin, bought a smart thermostat, doorbell and Google Nest video camera. Hackers broke into their home network and gave the couple real hell. They turned on terrible music through the camera and started talking to the victims through a gadget, then raised the temperature to 32 degrees.

At first the Westmorelands thought it was some kind of malfunction, but then they suspected something was wrong. They changed the password, and it didn’t help. They had to call their ISP and set up a new network ID.

The couple got off easy. If the hackers had blocked smart windows and doors and then raised the temperature, they could have engaged in extortion, literally threatening the life and health of the owners of the smart home. As it was, it came down to a little hooliganism.

Google did nothing about it. Their line was: it’s your own fault; set up two-factor authentication and you’ll be happy.

Another terrible threat is smart cars. When the temperature in a room rises, you can usually still do something about it, but if the on-board computer of a car moving at speed is hacked, it will be a disaster.

And for unlocking the doors, they can extort money. Especially if it’s comparable to the price of new glass.

Andrew Tierney and Ken Munro from Pen Test Partners have developed ransomware for a smart thermostat. Its capabilities were demonstrated at the DEF CON conference.

The researchers explained: the popular thermostat (the brand was not named) runs on the Linux kernel. It does not check which files it runs. An owner who wants to change the image on the thermostat’s display can end up running pre-copied malware instead of the image.

As a result, the hacker can control the temperature of the thermostat or lock the device so that the owner cannot do anything. Many people find it easier to pay than to fight.
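The missing check described above can be sketched as follows. This is an added example, not code from the researchers or from any thermostat vendor: it assumes the device accepts only PNG pictures and shows a loader-side validator that parses the whole file, rejects executables and anything hidden after the image, and never passes the upload to an interpreter. The function names and size limit are hypothetical.

```python
import struct
import zlib

PNG_MAGIC = b"\x89PNG\r\n\x1a\n"

class RejectedUpload(ValueError):
    """The uploaded 'picture' is not a well-formed PNG."""

def make_chunk(ctype, body):
    # Helper used only to build the constructed sample below.
    return (struct.pack(">I", len(body)) + ctype + body
            + struct.pack(">I", zlib.crc32(ctype + body)))

def validate_png(data, max_size=512 * 1024):
    """Return (width, height) for a structurally valid PNG, else raise."""
    if len(data) > max_size:
        raise RejectedUpload("too large for a display image")
    if data[:4] == b"\x7fELF" or data[:2] == b"#!":
        raise RejectedUpload("executable content, not an image")
    if data[:8] != PNG_MAGIC:
        raise RejectedUpload("missing PNG signature")
    pos, last, dims = 8, None, None
    while pos < len(data) and last != b"IEND":
        if pos + 12 > len(data):
            raise RejectedUpload("truncated chunk")
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            raise RejectedUpload("chunk runs past end of file")
        body = data[pos + 8:end - 4]
        if struct.unpack(">I", data[end - 4:end])[0] != zlib.crc32(ctype + body):
            raise RejectedUpload("bad chunk CRC")
        if last is None:  # the first chunk must be the 13-byte IHDR header
            if ctype != b"IHDR" or length != 13:
                raise RejectedUpload("first chunk is not IHDR")
            dims = struct.unpack(">II", body[:8])
        last, pos = ctype, end
    if last != b"IEND":
        raise RejectedUpload("no IEND chunk")
    if pos != len(data):
        raise RejectedUpload("trailing data after IEND")
    return dims

# Constructed sample inputs: a minimal PNG and the start of an ELF binary.
SAMPLE_PNG = (PNG_MAGIC
              + make_chunk(b"IHDR", struct.pack(">IIBBBBB", 320, 240, 8, 2, 0, 0, 0))
              + make_chunk(b"IDAT", zlib.compress(b"\x00" * 4))
              + make_chunk(b"IEND", b""))
SAMPLE_ELF = b"\x7fELF" + b"\x00" * 60
```

The validator checks structure only; decoding the pixels is left to the image library, which should receive the file as data and nothing else.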

Smart locks are also under threat


Smart locks are usually opened in different ways:

  • by Bluetooth: the lock recognizes the smartphone of the owner who has come to the door,
  • remotely: by a command sent from the application via the Internet,
  • by a voice command, which the voice assistant in the smartphone picks up and passes on to the smart device.

The data being transmitted is encrypted, but this is not enough.

For example, if your iPad or iPhone is near a locked door, nothing prevents thieves in the driveway from saying, “Hello, Siri. Open the door!” The smart lock, knowing that the owner (or rather the owner’s gadget) is nearby, will let the criminals in without a problem.

Usually voice commands are accepted only by an unlocked device. But here again, “woe from madness”: many users remove the lock from devices that they use only at home.

A smart lock can also be broken if your smartphone or tablet is infected with a virus. The malware can intercept control of the lock and simulate the action that opens it.

It is easier than intercepting and decrypting encrypted data packets.
Another option: some models have a physical button that authorizes a new device. If one of your guests uses this method, they will make the lock recognize their smartphone as trusted. And once your vigilance has been lulled, they will get into the premises.

Home Internet cameras: a find for intruders

Most IP camera models can be configured very simply: just connect the gadget to your home network and then go to a specific IP address in your browser or install the manufacturer’s application on your smartphone.

Newer models typically use an encrypted HTTPS connection. Older and/or cheaper cameras exchange data with your smartphone through a cloud service.

The cameras send unencrypted requests to the cloud. It is not difficult to retrieve the session identifier, with which the traffic is encrypted. Especially if the hacker has connected to the same Wi-Fi.

Much more dangerous than that: on many cameras the manufacturer sets a standard and/or unchangeable password (root, etc.). Knowing the IP, manufacturer and model of the camera, a hacker can download the software for it from the manufacturer’s website, find this password and get full access to the gadget.

But there is also relatively good news. Your IP camera will be hacked not to spy on you, but to DoS popular resources or mainstream cryptographic software. Although if your camera suddenly starts doing something like the one shown in the video, don’t be surprised:

The explanation is simple: a woman bought a used Chinese camera to keep an eye on her puppy while she was at work. The camera’s video stream was accessed directly from the manufacturer’s website.

Another option is to hack through ports. Often users open a certain port on the router to connect to their home camera over the Internet. This opens a window of opportunity for hackers.

On the same list are exploits for accessing the camera control panel. Among other things, they make it possible to extract unencrypted video from the device’s drives.

Finally, many manufacturers leave service entrances in their cameras. They are accessible through a browser. For example, Foscam has an address in the format xxxxxx.myfoscam.org:88, where the xxxxxx at the beginning stands for two letters and four digits.

Smart cameras are available on the Internet to anyone with bad intentions.

The Shodan search engine can find tens of thousands of cameras that are “available” for hacking. Queries like netcam city:Moscow, netcam country:RU, webcamxp geo:55.45,37.37 to Shodan will also show a lot of interesting things.

You can also search on Google. Examples of queries:

  • inurl: “wvhttp-01”
  • inurl: “viewerframe?mode=”
  • inurl: “videostream.cgi”
  • inurl: “webcapture”
  • inurl: “snap.jpg”
  • inurl: “snapshot.jpg”
  • inurl: “video.mjpg”

In ZoomEye, cameras show up for the queries device:webcam or device:media device. This is a special search engine for the Internet of things.

A similar service is Censys. The query 80.http.get.body: “DVR Web Client” will show the list of cameras connected to IP video recorders. The query metadata.manufacturer: “axis” shows Axis cameras.

And the owners of these cameras know nothing about it. But no, by all means, keep buying cool Hlaomi baby monitors from Aliexpress for the price of two Big Macs.

And smart bulbs aren’t safe

White-hat hackers Colin O’Flynn and Eyal Ronen have hacked into the popular Philips Hue smart lamps. They found a vulnerability in the Hue Bridge, through which the bulbs are controlled, and controlled them from a distance of up to 200 m.

Flashing other people’s bulbs: what could be better? But that is only half the trouble. It would be much worse if hackers intercepted or substituted the data packets that are sent inside a home network without protection.

In the experiment, Ronen and O’Flynn made the light bulbs flash at over 60 Hz. The human eye can’t detect this, but a telescope with a special light sensor set up opposite the window picks it up fine.

Of course, only a little data can be transmitted this way: up to 10 KB per day. But it is quite enough for stealing logins and passwords.

Malware can also be introduced into your home system through the lamps. The bridge communicates with devices using the encrypted wireless standard ZigBee. Hackers long ago posted its master key on the Internet. Since the devices inside the network don’t verify the signature of the transmitted data when updating the firmware, it is possible to run a fake update and conduct DoS attacks, for example.

Philips has already closed the vulnerability and released a patch for the bridge software and mobile application. But who knows how many more holes there are in this and other vendors’ software?

By the way, smart devices can also be cracked with a drone. It already smells like industrial espionage.

Even e-mail can be hacked through the fridge

Developers of Internet-connected systems make things as simple as possible to save resources and time. The result is holes here and there.

The release of the smart Samsung RF28HMELBSR refrigerator was a big breakthrough. But when Pen Test Partners researchers found out that it does not check SSL certificates when setting up an SSL connection, they sounded the alarm.

The vulnerability made it possible to conduct MITM (“man in the middle”) attacks. And since the display of the smart fridge showed information from Google Calendar, an intruder who hacked into the smart device and connected to the same network could steal the account for e-mail and other services.

It’s easy enough to connect to the network where the refrigerator is located. For example, it is possible to create a fake Wi-Fi access point or organize deauthentication of a real user.

How widespread is the hacking of smart home devices?
Attacks on IoT systems are increasing. In the first half of 2019, smart homes and industrial systems were attacked on average 20 thousand times in 15 minutes.

The attacks mainly targeted the TCP service: through it, attackers tried to reach remote administration systems based on Telnet and RDP, servers and databases. Researchers installed 50 honeypots (points where they deliberately left vulnerabilities in order to collect data on attacks). They calculated that since the beginning of the year these points were attacked 105 million times from 276 thousand unique IP addresses.

The main wave of attacks came from China: 30%. Second place was taken by Brazil (19%), which led the way last year. Rounding out the top five are Egypt (12%), Russia (11%) and the United States (8%).

Here are the statistics for the first six months of 2018 and 2019:

Analysts have said that hackers use both password brute-force and known vulnerabilities. The most popular login/password pairs are support/support, admin/admin, default/default and root/vizxv (this pair is common in Chinese smart technology).
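To make the honeypot observation concrete, here is an added example (not the analysts’ tooling) that scans login-attempt logs for the four credential pairs named above, flags sources that sweep through several of them, and checks a device inventory against the same list. The log line format, the sample lines and the function names are constructed for this example.

```python
import re
from collections import Counter, defaultdict

# Login/password pairs the article names as the most frequently tried.
DEFAULT_PAIRS = {("support", "support"), ("admin", "admin"),
                 ("default", "default"), ("root", "vizxv")}

# Constructed honeypot log; the line format is an assumption for this example.
SAMPLE_LOG = """\
2019-06-01T12:00:01Z telnet src=203.0.113.7 user=root pass=vizxv
2019-06-01T12:00:02Z telnet src=203.0.113.7 user=admin pass=admin
2019-06-01T12:00:03Z telnet src=203.0.113.7 user=support pass=support
2019-06-01T12:00:04Z telnet src=203.0.113.7 user=default pass=default
2019-06-01T12:05:10Z telnet src=198.51.100.23 user=admin pass=admin
2019-06-01T12:05:40Z telnet src=198.51.100.23 user=admin pass=admin
2019-06-01T12:09:00Z telnet src=192.0.2.50 user=alice pass=long-unique-phrase
connection reset by peer
""".splitlines()

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<svc>\w+) src=(?P<src>\S+) user=(?P<user>\S*) pass=(?P<pw>\S*)$")

def analyze(lines, sweep_threshold=3):
    """Count default-credential attempts and list sources sweeping many pairs."""
    pair_hits = Counter()
    pairs_by_source = defaultdict(set)
    unparsed = 0
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            unparsed += 1      # keep a count so format drift is noticed
            continue
        pair = (m["user"], m["pw"])
        if pair in DEFAULT_PAIRS:
            pair_hits[pair] += 1
            pairs_by_source[m["src"]].add(pair)
    # A source that tries several different default pairs is walking a
    # credential list, i.e. the password brute force described in the text.
    sweepers = sorted(src for src, pairs in pairs_by_source.items()
                      if len(pairs) >= sweep_threshold)
    return pair_hits, sweepers, unparsed

def exposed_devices(inventory):
    """Names of devices in {name: (login, password)} still on a default pair."""
    return sorted(name for name, cred in inventory.items() if cred in DEFAULT_PAIRS)
```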

Most often, hacked devices are infected with malware of the Mirai family: it is easy to build for any hardware architecture. Mirai makes a smart gadget part of a botnet and possibly an accessory to crime. Devices are also infected with Hajime, NyaDrop and Gafgyt (aka Bashlite).

Never leave default passwords on smart devices. Set a complex password for the smart home control panel, as well as for the home Wi-Fi network and the router itself. If you control your devices through a browser, use a VPN, for example the one built into the Opera browser.

Update the software on smartphones, tablets and gadgets in the smart home in a timely manner.

Use two-factor authentication where possible. And do not jailbreak iOS. It potentially opens up full access to the system.

Use specialized controllers (based on Raspberry Pi, for example) to manage your smart home. They are less susceptible to hacking and allow deeper tuning.

Don’t buy Chinese know-how, especially security devices: smart locks, IP cameras and the like. Of course, these gadgets are cheaper, but hacking them takes no effort. And you usually won’t see firmware updates for them.

Set up filtering by region for access to your home network. IP address ranges by city are available, for example here.

Finally, encrypt the traffic within your home network. Enable WPA/WPA2-Personal on the router and use a secure connection.

Bonus: Could even be hacked accidentally

