{"id":19370,"date":"2019-08-09T09:54:42","date_gmt":"2019-08-09T09:54:42","guid":{"rendered":"https:\/\/www.englishforums.com\/news\/?p=19370"},"modified":"2019-08-09T09:54:42","modified_gmt":"2019-08-09T09:54:42","slug":"russian-hackers-exploit-iot-devices","status":"publish","type":"post","link":"https:\/\/www.englishforward.com\/news\/russian-hackers-exploit-iot-devices\/","title":{"rendered":"Russian hackers exploit IoT devices"},"content":{"rendered":"<p><b>According to Microsoft officials, hackers deployed by the Russian administration have been utilizing IoTs such as video decoders and printers to infiltrate certain computer networks.<\/b><br \/>\n<b>This was noted after Fancy Bear servers started communicating with manipulated devices in a corporate system.<\/b><br \/>\n<span style=\"font-weight: 400\">IoT (Internet-of-things) devices have proven to be exceptional technological innovations in the current world but it could also be the vulnerable point for hackers to access various government agencies and schools without due protection.<\/span><\/p>\n<h2><b>Microsoft officials\u2019 IoT concerns<\/b><\/h2>\n<p><a href=\"https:\/\/msrc-blog.microsoft.com\/2019\/08\/05\/corporate-iot-a-path-to-intrusion\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">According to Microsoft Threat Intelligence Center<\/span><\/a><span style=\"font-weight: 400\">, these assets were access points utilized by hackers to establish their existence on the system. Upon entry, they continued searching for more entry spots.<\/span><br \/>\n<b>This happened through a straightforward network examination as this came in handy in detecting various insecure devices. As a result, high-privileged accounts were violated granting entry to considerable data.<\/b><br \/>\n<span style=\"font-weight: 400\">Moreover, after the hackers gained access, they sniffed the network traffic on various local subnets. Further exploration was also instigated after they enumerated administrative teams.<\/span><\/p>\n<h2><b>Hackers\u2019 prowess in IoT manipulation<\/b><\/h2>\n<p><span style=\"font-weight: 400\">The hackers had mastered their art because as they shifted from one IoT device to the next, they dropped an easy shelf script. This was undertaken so that the network\u2019s persistence could be established.<\/span><br \/>\n<b>As a result, extended access prevailed based on this manipulation. Scrutiny undertaken on the network traffic depicted the manner in which IoT devices were corresponding with an external control and command (C2) server.<\/b><br \/>\n<span style=\"font-weight: 400\">Following the communication of various IoT devices with Strontium servers, investigators from Microsoft were able to deduce the hacks in April.<\/span><br \/>\n<b>Notably, these servers belonged to APT28 or Fancy Bear, a hacking team deployed by the Russian administration. Additionally, this correspondence was happening from many client locations<\/b><br \/>\n<span style=\"font-weight: 400\">In some instances, the IoT devices were easily exploited. For instance, the hackers simply guessed the passwords as they were utilizing the manufacturer\u2019s ones.<\/span><br \/>\n<span style=\"font-weight: 400\">Additionally, the other IoT operated with aged firmware edition that had a familiar vulnerability.<\/span><\/p>\n<h2><b>Strontium behind the IoT attacks<\/b><\/h2>\n<p><span style=\"font-weight: 400\">Microsoft officials were certain that Strontium undertook the hacks, but the primary objectives were not known.<\/span><br \/>\n<b>In 2018, the FBI stipulated that this group also orchestrated the infection of various <\/b><a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/06\/vpnfilter-malware-infecting-50000-devices-is-worse-than-we-thought\/\" target=\"_blank\" rel=\"noopener\"><b>consumer-grade routers <\/b><\/a><b>found in fifty-four (54) nations<\/b><span style=\"font-weight: 400\">.<\/span><br \/>\n<span style=\"font-weight: 400\">The malware utilized was called VPNFilter.\u00a0 Hacking and cyberattacks have become considerable threats in the IT and education fields.<\/span><br \/>\n<span style=\"font-weight: 400\">This can be depicted by cyberattacks occurring on academic systems. For instance, <\/span><a href=\"https:\/\/www.englishforums.com\/news\/pearson-cyberattack-13000-accounts\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Lancaster University<\/span><\/a><span style=\"font-weight: 400\"> experienced a malware attack last week. Notably, its students\u2019 databases were accessed and this jeopardized their private information.<\/span><\/p>\n<h2><b>Hacking in schools<\/b><\/h2>\n<p><strong>Attackers sometimes get into protected wi-fi networks with dictionary attacks. This means they try to connect using a list of common passwords (&#8216;asdf&#8217;, &#8216;password&#8217;, &#8216;kitty&#8217;, etc.)\u00a0<\/strong><br \/>\n<span style=\"font-weight: 400\">As long as your password isn&#8217;t one of these trivial ones and is more than a few characters long, it&#8217;s highly unlikely anyone is going to be able to hack into it, and most attackers won&#8217;t bother; they&#8217;ll just move on to find an unprotected network.<\/span><br \/>\n<strong>Some institutions spend some bucks to make the network more secure like using <a href=\"http:\/\/www.cloudpath.net\/\" target=\"_blank\" rel=\"noopener\">Cloudpath&#8217;s XpressConnect<\/a> to secure all wireless connections on <a href=\"http:\/\/www.upenn.edu\/computing\/wireless\/\" target=\"_blank\" rel=\"noopener\">their campus wireless network<\/a> with WPA2.<\/strong><br \/>\n<span style=\"font-weight: 400\">So what are you to do if you have to be on an open wi-fi and have to use an unencrypted service? There&#8217;s still a solution, and it may be a good back to school gift: A VPN.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Microsoft officials, hackers deployed by the Russian administration have been utilizing IoTs such as video decoders and printers to infiltrate certain computer networks. This was noted after Fancy Bear servers started communicating with manipulated devices in a corporate system. IoT (Internet-of-things) devices have proven to be exceptional technological innovations in the current world [&hellip;]<\/p>\n","protected":false},"author":17,"featured_media":19371,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[18,25],"tags":[652,653,654,778,779,922,1195],"_links":{"self":[{"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/posts\/19370"}],"collection":[{"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/comments?post=19370"}],"version-history":[{"count":0,"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/posts\/19370\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/media\/19371"}],"wp:attachment":[{"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/media?parent=19370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/categories?post=19370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.englishforward.com\/news\/wp-json\/wp\/v2\/tags?post=19370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}