Refrigerators That Attack And Other Bizarre Hacking Threats
Software Security Flaws Have Significant Consequences
Any business that has experienced a high-profile data breach is aware of the costly damage a single flaw or employee mistake can have on the bottom line. But the dangers can be even more severe if the vulnerability is in the systems behind many transportation, communication and health-care devices. At the very least, the systems can be manipulated to commit fraud. At the other end of the spectrum, the loss could be catastrophic. Fortunately, security researchers are increasingly probing these vulnerabilities to uncover software weaknesses in an attempt to get manufacturers to make improvements. CRN pulled together 10 bizarre, but true, security hacking threats.
Furby Scare
The adorable fuzzy toy was introduced in 1998 and instantly gained popularity due to the savvy programing that made the cute owl-looking character appear to learn English. The toy wasn't viewed as being very warm and cuddly by the National Security Agency, however, which feared that its surveillance activities would be compromised. An NSA internal memo warned of the security dangers the Furby posed and banned it from its offices, worried that employees would take their Furby home and it would start repeating classified information, according to a BBC report that quoted an anonymous source.
Hotel Room Gremlins
A security researcher recently demonstrated a way to take control of the lights, temperature, TV and stereo systems in hundreds of rooms at the St. Regis Hotel in Shenzhen, China. Jesus Molina targeted the Apple iPad automation app provided to users at the five-star hotel and triggered do-not-disturb lights to flash on in about 250 rooms at the hotel. The automation system that the app connected with to provide guests with remote-control capabilities also was insecure, said Molina, an independent security researcher and former security researcher at Fujitsu Laboratories of America. The automation feature was disabled. In response, software maker KNX Association is adding support for authentication and encryption.
Pacemaker, Insulin Pump Assassination
The threats to tiny embedded systems, often described as the Internet of Things, is gaining the attention of security researchers. Embedded systems can take many forms, including medical devices, and they often lack security controls. They typically have a very tiny footprint and run a custom application on a version of Linux. Medical device security was the subject of research for the late Barnaby Jack, a prominent security researcher and New Zealand native who demonstrated a way to manipulate insulin pumps and dispense lethal doses of insulin from up to 300 feet away. Just prior to his death, Jack was to demonstrate a security weakness that enabled an attacker to remotely shock a pacemaker from a remote distance. It was a threat only previously seen in television shows ’Almost Human’ and ’Homeland.’
Zombie Apocalypse Road Signs
Hackers have increasingly taken advantage of the failure of government employees to lock access to road sign control panels or, worse, failing to change the default password to the embedded system that controls them. The longstanding issue is such a problem that it is a felony in most states. The most popular message on hacked signs say, "Warning, Zombies Ahead." The feds even used the zombie threat to offer advice on how to prepare for any emergency, with zombie preparedness tips on the official Centers for Disease Control and Prevention website.
Baby Spying
The significance of software vulnerabilities and the lack of minimal safeguards in everyday products became immediately apparent to a Cincinnati, Ohio, couple who heard a man screaming through their monitor, saying, ’Wake up baby!’ to their sleeping 10-month-old last April. The couple had failed to upgrade the software in the device to support encryption and left the device password in default mode, according to NBC, citing a statement from Foscam, the maker of the video monitor.
Printers Catching Fire
In a dramatic proof-of-concept demonstrating how to gain remote access to Hewlett-Packard printers, security researchers at Columbia University overburdened a printer ink heating element, eventually making the paper turn brown and smoke, according to MSNBC, which first reported on the research. The attack was meant to highlight the ability of an attacker to remotely access a printer and install malicious software that could steal sensitive data or disable it. The attack used the printer’s remote upgrade function, a feature that an HP spokesman said was not widely available and protected from remote attack since printers are typically behind a firewall. HP and other printer makers also have a safety mechanism to disable the device if it is overheated.
Cap'n Crunch And Phreaking Fraud
John Draper, a notable software developer and hacker, is also known as ’Captain Crunch’ for taking a toy whistle out of a Cap'n Crunch cereal box in the mid-1960s and using a tone it created to make free calls on payphones. The sound emitted from the whistle was at the correct frequency used to gain access to the AT&T system, which was controlled by tones. Draper later built a device to help other hackers, known as phreakers, more easily gain access. The hackers were taking advantage of a weakness associated with in-band signaling. Draper served five years' probation for toll fraud charges and later served prison sentences for phone fraud in the 1970s.
Attacking Refrigerators
In January, Proofpoint, an email archiving and security vendor, said it uncovered a attack campaign that uses refrigerators, TVs and other unusual Internet-enabled devices to send out up to 750,000 phishing and spam emails. The company said the campaign it observed sent out bursts of 100,000 messages, three times per day, between Dec. 23, 2013, and Jan. 6, 2014. The company's press release generated a lot of attention and it estimated that 25 percent of the volume it observed came from smart appliances and other devices, including refrigerators, TVs and home-networking routers. But security experts from Symantec and other security firms say the attack may have looked like it came from Internet-enabled appliances, but it was more likely a home computer generating the spam. The traffic may have looked confusing, they said because of the port-forwarding used in most home-based routers. Proofpoint stands by its finding.
Haywire Traffic Signals
A scene from the movie "Live Free or Die Hard" in which traffic signals were manipulated to cause gridlock inspired one security researcher to take on the challenge. Manipulating traffic control systems is possible, according to security researcher Cesar Cerrudo, who serves as chief technology officer at IOActive. Cerrudo discovered a vulnerability in the wireless sensors used by traffic control systems and deployed in the thousands in Seattle, New York, and Washington, D.C, and cities in 45 U.S. states. The vulnerable equipment is buried in roads around the world that anyone can hack, said Cerrudo, who gave a presentation at the DefCon hacking conference in August. The security researcher said the wireless sensors sent data in clear text and contained no authentication mechanism, making the system easy to access and manipulate. In an earlier hack, Cerrudo used a drone to demonstrate how he could exploit vulnerabilities in devices connected to air traffic control systems in the U.S., the U.K., France and other countries and send phony information to traffic control operators. The attack could cause catastrophic damage, he said, adding that the hardware costs $100 or less.
Cloning Subway Rides
Jumping a turnstile when the fare collector is busy is old-fashioned. Vulnerabilities in the subway fare payment system used by the Massachusetts Bay Transportation Authority got widespread attention when the agency attempted to stop three MIT students from talking about their published academic paper describing the weaknesses in 2008. The lawsuit was thrown out after the scheduled DefCon presentation. The students were able to access the magnetic stripe and RFID card payment systems and cloned them to manipulate the balance on their cards using a magnetic card reader. The paper found that the agency had no centralized management system to verify the authenticity of cards used by subway riders. A second federal lawsuit against the students was dismissed by MBTA officials in 2009 after the students agreed to work together to help improve the security in the fare collection system.