top of page
Writer's pictureRich Lindberg

Millions of Windows and Linus Systems are Vulnerable to this ‘Hidden’ Cyber Attack

Updated: Apr 24, 2020

Hardware-level vulnerabilities or intentionally included back doors have been a problem for at least 20 years. The recently published Forbes article “Millions Of Windows And Linus Systems Are Vulnerable To This ‘Hidden’ Cyber Attack” cites only 5 years but, I can tell you first-hand that embedded hacking has existed and been published by 31,337 hacking groups for as long as I have been in InfoSec.


The major issue with firmware is that it can affect any device. It does not matter what Operating System is being used, so long as the hardware can be invoked in some way. While computers and smartphones are problematic, this problem highlights the “wild west” problem we have with the Internet of Things (IoT). The average person does not consider the range of attack surfaces this encompasses.


Examples of the Internet of Things in our everyday lives includes:

Consumer applications

  • Smart home devices

  • Senior care devices

Commercial applications

  • Medical and healthcare technology

  • Transportation

  • Vehicle-to-Everything (V2X) communication

  • Building and home automation

Industrial applications

  • Manufacturing

  • Agriculture

Infrastructure applications

  • Metropolitan scale deployments

  • Energy management

  • Environmental monitoring

Military applications

  • Internet of Battlefield Things (IoBT)

  • Ocean of Things (OoT)

To counter IOT threats, some recommended approaches include:

  • Patch management that incorporates firmware updates

  • Vendor risk management programs that include procurement from trusted sources

  • Endpoint protection that includes Endpoint Detection and Response (EDR)

  • Security Information and Event Management (SIEM)

  • Network Behavior Anomaly Detection (NBAD) (sometimes called NAD)

The US Government has long been concerned about chip-level root kits. This topic is something l organizations should pay close attention to. Beyond the normal occurrence of programming errors, there are a lot of ways to break into your professional and personal IOT environment. Don’t make it easy for the bad guys!


Want to learn more? Contact Nth Generation to find out how we can help you secure your data on IoT devices. Call (800) 548-1883 or email info@nth.com.


Comentarios


bottom of page