Sometimes it can be easy to take cybersecurity for granted, especially when you consider that built-in security features are more powerful than they have ever been. Unfortunately, if you think that cybersecurity is something that ends with the built-in security of your desktops and laptops, then you’re in for a rude awakening.
Besides older industrial machinery and equipment, just about all devices connected to your network communicate with each other in some way, thereby making them a cybersecurity risk. Individual workstations and desktops might be protected, but you also need to keep them updated, along with all of the other endpoints that might be connected to your network.
In fact, you might be surprised by some of the other devices that could potentially be threats to your network.
Does the name Stackoverflowin ring a bell? Back in 2017, this hacker hijacked 150,000 printers all over the world from big brands like Canon, Brother, Epson, HP, and Samsung. They were then able to send documents to these printers to print out the messages. The attack might be harmless, but it showcases just how serious issues of cybersecurity with printers can be, as they can be controlled and manipulated in ways you might not expect.
In essence, the above attack could be categorized as a botnet, or a large group of infected devices from all over the Internet using their collective power to launch an attack against a network. This segues nicely into our next topic of discussion, the DDoS attack.
Just last year, the world saw the most massive DDoS attack yet. A DDoS attack is when countless devices—we’re talking hundreds, thousands, or even millions of infected devices—band together to launch all of their power against a website or service. It’s like when the grocery store has too much traffic and people get stuck waiting around in the aisles, or when a highway experiences traffic congestion.
Anyway, back to the attack. It went after its target with 17.2 million requests per second, three times larger than the largest DDoS attack which preceded it. With a varied list of compromised devices, including smart appliances and various Internet of Things devices such as smart light bulbs, thermostats, washing machines, and others that can connect to a smartphone, anyone with connected devices has reason to fear these attacks. And, of course, if a hacker can take over your washing machine, you bet they’re not going to be doing your chores for you. They’ll likely use it to gain deeper access to your network and create all kinds of problems for you.
Any device which sends or receives network traffic throughout your office is going to be vulnerable, as it’s likely connected to your workstations, which your employees use on a day-to-day basis. Even in the home environment, you can expect there to be threats aplenty, as just last month a new type of malware was discovered making its home on consumer and small-business grade network routers. This particular threat allowed hackers to influence connected devices using the Windows, Linux, and macOS operating systems.
The malware, an incredibly complicated and sophisticated threat called ZuoRAT, is believed to have been created by a major organization or perhaps even a nation-state. The threat is quite difficult to identify and detect, all while granting a considerable amount of control to any potential attacker, making it a dangerous combination of stealthy and powerful. It can also be used to roll out additional malware, bypassing security measures along the way.
Bluetooth headphones might seem small and of little consequence, but even these devices can be vulnerable to threats. Take, for example, the vulnerability which was discovered within the microcontrollers of a handful of earbuds, allowing hackers to gain control over the device for the purposes of a botnet. The threat has only been used by researchers, but security experts were able to break into their own Bluetooth earbuds and disable the Bluetooth and wireless communications on the connected device. Imagine the repercussions this could have in the realm of a physical security system, where security cameras could be broken into and turned off.
Pretty scary stuff, although we would like to mention that we don’t bring this up to scare you—merely to open your eyes to the possibilities out there for hackers, which are seemingly infinite in scope.
We know it can be a little unnerving to think about the many threats out there, but you don’t have to do it alone. ATECH MSP is here to help you navigate the cybersecurity landscape. To learn more, reach out to us at 661-840-8707 .