BOSTON (AP) Researchers at a cybersecurity firm say they have identified vulnerabilities in software widely used by millions of connected devices flaws that could be exploited by hackers to penetrate business and home computer networks and disrupt them.
There is no evidence of any intrusions that made use of these vulnerabilities. But their existence in data-communications software central to internet-connected devices prompted the U.S. Cybersecurity and Infrastructure Security Agency to flag the issue in an advisory.
Potentially affected devices from an estimated 150 manufacturers range from networked thermometers to smart plugs and printers to office routers and healthcare appliances to components of industrial control systems, the cybersecurity firm Forescout Technologies said in a report released Tuesday. Most affected are consumer devices including remote-controlled temperature sensors and cameras, it said.
In the worst case, control systems that drive critical services to society such as water, power and automated building management could be crippled, said Awais Rashid, a computer scientist at Bristol University in Britain who reviewed the Forescout findings.
In its advisory, CISA recommended defensive measures to minimize the risk of hacking. In particular, it said industrial control systems should not be accessible from the internet and should be isolated from corporate networks.
The discovery highlights the dangers that cybersecurity experts often find in internet-linked appliances designed without much attention to security. Sloppy programming by developers is the main issue in this case, Rashid said.
Addressing the problems, estimated to afflict millions of devices, is particularly complicated because they reside in so-called open-source software, code freely distributed for use and further modification. In this case, the issue involves fundamental internet software that manages communications via a technology called TCP/IP.
Fixing the vulnerabilities in impacted devices is particularly complicated because open-source software isnt owned by anyone, said Elisa Costante, Forescouts vice president of research. Such code is often maintained by volunteers. Some of the vulnerable TCP/IP code is two decades old; some of it is no longer supported, Costante added.
It is up to the device manufacturers themselves to patch the flaws and some may not bother given the time and expense required, she said. Some of the compromised code is embedded in a component from a supplier and if no one documented that, no one may even know its there.
The biggest challenge comes in finding out what youve got, Rashid said.
If unfixed, the vulnerabilities could leave corporate networks open to crippling denial-of-service attacks, ransomware delivery or malware that hijacks devices and enlists them in zombie botnets, the researchers said. With so many people working from home during the pandemic, home networks could be compromised and used as channels into corporate networks through remote-access connections.
Forescout notified as many vendors as it could about the vulnerabilities, which it dubbed AMNESIA:33. But it was impossible to identify all affected devices, Costante said. The company also alerted U.S., German and Japanese computer security authorities, she said.
The company discovered the vulnerabilities in what it called the largest study ever on the security of TCP/IP software, a year-long effort it called Project Memoria.
See the original post:
Research: Millions of smart devices vulnerable to hacking - The Associated Press
- Best Zombie Movies Streaming on Hulu, HBO Max, and Amazon Prime - IndieWire - September 5th, 2021
- James Gunn and Craig Mazin made The Boys six years before the comic - The Digital Fix - August 10th, 2021
- Michigan Congressmen and Women Can Work Together, Some Times - wbckfm.com - wbckfm.com - July 11th, 2021
- Netflix's 'Resident Evil' Anime Shows Off Exactly Why People Love the Franchise - Thrillist - July 11th, 2021
- The best TV series to watch on Netflix, Amazon Prime, Now, BritBox and more this July 2021 - iNews - July 11th, 2021
- No Hands Clapping - by Jonah Goldberg - The Remnant - The Dispatch - July 11th, 2021
- 50 Best Zombie Movies of the 21st Century - Cultured Vultures - July 1st, 2021
- Fewer in NJ getting COVID, and most are unvaccinated, Murphy says - New Jersey 101.5 FM - July 1st, 2021
- In Between The Poop And The Pope 105.7 The Point - 105.7 The Point - July 1st, 2021
- How many Halloween movies are there ? The complete Michael Myers timeline to watch before Halloween Kills arrived - Sportskeeda - July 1st, 2021
- Lucifer And Army Of The Dead Top Nielsens As Cruella Debuts On Disney+ - Forbes - July 1st, 2021
- What to watch on Netflix Top 10: Most popular shows May 28 - Tom's Guide - June 1st, 2021
- Box Office is Back Thanks to A Quiet Place Part II and World War Z - Film School Rejects - June 1st, 2021
- Army of the Dead Is One of Netflix's Biggest Hits with 72 Million Account Views and Counting - MovieWeb - June 1st, 2021
- New from Netflix in June: series, films and documentaries Explica .co - Explica - June 1st, 2021
- 10 greatest movie trilogies of all time - The Independent - May 21st, 2021
- Army Of The Dead (2021) - Rotten Tomatoes - May 21st, 2021
- The 10 Best Alien Invasion Movies - Cinelinx - May 8th, 2021
- 40 Years Ago: 'Friday the 13th Part 2' Makes Jason a Killer - Ultimate Classic Rock - May 8th, 2021
- Underappreciated Gems The Top 10 Most Underrated Movies of the Past 5 Years - Hollywood Insider - April 23rd, 2021
- If Browns Take a Wide Receiver in Round 1... - Yardbarker - April 23rd, 2021
- Former Bengals Great Gives His Thoughts on Penei Sewell and Ja'Marr Chase Debate - Yardbarker - April 23rd, 2021
- Ozzie Albies and Dansby Swanson are showing us why early-season stats can be meaningless - Yardbarker - April 23rd, 2021
- Cubs place OF Joc Pederson on 10-day injured list - Yardbarker - April 23rd, 2021
- 3 Browns Players Who Could Be Impacted By Draft Picks - Yardbarker - April 23rd, 2021
- Eagles could move up in first round of NFL Draft? - Yardbarker - April 23rd, 2021
- Steve Kerr weighs in on Kelly Oubre Jr. coming off the bench - Yardbarker - April 23rd, 2021
- Chargers Top 15 Players They Could Take at 13 - Yardbarker - April 23rd, 2021
- Q2 Montana this Morning top stories with Victoria Hill 4-5-21 - Yahoo News - April 5th, 2021
- Every Alice Cooper album, ranked from worst to best - Louder - March 9th, 2021
- Ranking the Live-Action Members of Superman's Supporting Cast - tor.com - March 9th, 2021
- 3 Asian Actors Making Their Hollywood Debut This Year, Thanks To Marvel - Tatler Malaysia - March 9th, 2021
- 20 Best Movies About Viruses and Pandemics - Parade - February 16th, 2021
- Edgar Wright: All Of His Movies, Ranked According To Box Office Gross - Screen Rant - February 16th, 2021
- Horror Fans Reveal The Movie Scenes That Made Them Physically Ill - We Got This Covered - February 16th, 2021
- This week on "Sunday Morning" (February 7) - CBS News - February 9th, 2021
- WandaVision Episode 6 release date and spoiler; Everything we know so far - Republic TV - February 9th, 2021
- The Weird Old West: Horror And Fantasy-Themed Westerns - Looper - February 5th, 2021
- Our 9 favorite war films from the 60s - We Are The Mighty - February 2nd, 2021
- Cinema: top 10 horror and horror in 2021 - Inspired Traveler - February 2nd, 2021
- The Best Disney and Nickelodeon Pop Stars, Ranked - Vulture - January 25th, 2021
- Ten of the Best Recent Horror and Sci-Fi Movies to Stream Right Now - tor.com - January 22nd, 2021
- The Top 10 Horror Movies We're Waiting To See In 2021 - Flickering Myth - January 22nd, 2021
- Cambridge rated the best place to survive a 'zombie apocalypse' - Cambridgeshire Live - January 22nd, 2021
- 10 Post-Apocalyptic Movies That Every Sci-Fi Fan Should Watch in 2021 - OtakuKart - January 15th, 2021
- 'The White Tiger', 'Malcolm & Marie', 'Don't Look Up', 'Red Notice': New Hollywood movies to be streamed on Netflix - DNA India - January 15th, 2021
- Best new movies coming out in 2021: On streaming and (hopefully) in theaters - syracuse.com - January 9th, 2021
- Xbox Live Games with Gold titles for January 2021 revealed - Shacknews - January 9th, 2021
- 2021: Very insightful industry predictions - Property Industry Eye - January 3rd, 2021
- Best Horror Movies of 2020 - Sprout Wired - December 31st, 2020
- The top 10 films of 2020 - CBC.ca - December 28th, 2020
- The 10 Best Horror Games of 2020 | Game Rant - GameRant - December 28th, 2020
- 10 Games that Helped Me Stay In Touch With My Friends During 2020s Lockdown - IGN India - December 28th, 2020
- SwitchArcade Round-Up: 'BIT.TRIP' Series, 'Door Kickers', 'DungeonTop', and Today's Other New Releases and Sales - Touch Arcade - December 28th, 2020
- Peninsula, The Call & more: Here are the top 10 Korean films of 2020 that you should watch - PINKVILLA - December 19th, 2020
- What vets can learn from It's a Wonderful Life - We Are The Mighty - December 19th, 2020
- The Best TV Shows of 2020 - Pajiba Entertainment News - December 19th, 2020
- The 10 best games of 2020: In a pandemic, play was critical - Los Angeles Times - December 12th, 2020
- Emerge from the slog of 2020 and into the promise of tomorrow with these films - Kansas City Pitch - December 11th, 2020
- Op-ed: Will audiences return to the movies? They already have, IMAX CEO says - CNBC - November 20th, 2020
- 10 Great Recent Horror Movies from 2020 You Might Have Missed - Bloody Disgusting - November 20th, 2020
- Want to see something really scary? - Dothan Eagle - November 16th, 2020
- Ranking the Friday the 13th Movies | 411MANIA - 411mania.com - November 16th, 2020
- PlayStation 2: 10 Cancelled Games We Wanted To See | Game Rant - GameRant - November 16th, 2020
- Why are there no James Bond games? - GamesIndustry.biz - November 12th, 2020
- 'The Walking Dead: World Beyond' Showrunner Matt Negrete on Expanding the 'Walking Dead' Universe - Collider.com - November 9th, 2020
- Kevin Love invests in first mental health gym initiative - Yardbarker - November 6th, 2020
- Chiefs trade RB DeAndre Washington to Dolphins - Yardbarker - November 6th, 2020
- The 'QBs with the most NFL starts' quiz - Yardbarker - November 6th, 2020
- Bengals unlikely to trade receiver John Ross before deadline - Yardbarker - November 6th, 2020
- Rockets expected to rebuff trade interest in James Harden - Yardbarker - November 6th, 2020
- Seven players the Mets should target in free agency - Yardbarker - November 6th, 2020
- Orioles GM: ownership is not selling the team - Yardbarker - November 6th, 2020
- 10 underrated horror movies to watch on Halloween - The Indian Express - November 1st, 2020
- Brendan Gallagher Means Everything to the Canadiens - Yardbarker - November 1st, 2020
- Seattle Kraken will wait to name head coach - Yardbarker - November 1st, 2020
- Report: Elton Brand, Sixers agree to multiyear extension - Yardbarker - November 1st, 2020
- Report: Seahawks were interested in trading for Aldon Smith - Yardbarker - November 1st, 2020
- Sam Hinkie has no intention of ever returning to NBA - Yardbarker - November 1st, 2020
- 'Babyteeth', 'True History of the Kelly Gang' and 'The Invisible Man' Lead the 2020 AATCA Nominations - Concrete Playground - November 1st, 2020
Reviewed and Recommended by Erik Baquero