Five Percent of the Internet Could Be Hijacked via Embedded OS Flaws
The 2012 Internet Census published earlier this year revealed that embedded devices are facing serious security threats when connected to the Internet. The issue appears bigger than expected, according to Metasploit maker HD Moore’s presentation at AusCERT2013.
Embedded devices – an umbrella term defining specialized appliances that run their own operating system such as GPS receivers, industrial equipment, TV sets, smart fridges and routers – can be hijacked easily because of vendors’ lax security implementations.
According to the results of the latest Internet Census, an attacker could easily scan the IPv4 Internet space and look for hosts with UPnP or SNMP capabilities and turn them into remotely-controlled zombies.
“You can probably own five percent of the total Internet without even blinking,” Moore said in a quote for The Register. His research also revealed that more than 75 million devices all over the world are vulnerable to SNMP (Simple Network Management Protocol) design flaws, such as the connectionless SNMP over UDP.
Particularly damaging about hijacking embedded devices is that subversion can last years before it gets discovered. Since these devices are highly specialized, they never run antivirus or other kinds of intrusion detection software, so once they’re compromised, the malicious activity goes unnoticed.