Conveniently Connected?

Over the past few years the news has been dominated by reports involving breaches. With all the hoopla surrounding major breaches like Target, in January, and most recently Home Depot, Community Health Services, JP Morgan, and eBay, other interesting cyber news may have been overlooked.

In 2011, The PlayStation Network (PSN) suffered a major breach of customer data which caused many to start taking a look at other popular consumer products. Have you taken time to consider the safety of the items in your home, and the networks to which they connect?  In August, several interesting events occurred. The first sequence of events was a series of Distributed Denial of Service (DDOS) attacks against popular gaming networks for PlayStation, X-Box, and Activision’s Battle.net (which supports World of Warcraft and StarCraft). The companys all reported that no customer data was compromised and that only their services were affected. The other major series of events demonstrated the precarious nature of the internet which serves your home devices. Charter Cable and Time Warner Cable, two popular broadband services, suffered major national outages.  Time Warner revealed their outage to be a human error. Apparently some wrong configurations were entered  by an employee that quickly propagated (synced) across their network and caused the outage. An easy mistake this time, but next time it could be an angry insider or a malicious outsider.

 The Charter outage is a little murkier though, as they suffered an unexplained DNS (Domain Naming Service) outage. DNS associates numerical IP addresses used by all connected devices to the conventional domain names like Yahoo.com that users type into their internet browsers. The outage led many to believe that Charter had suffered a cyber-attack. NetworkWorld.com even reported that a charter helpdesk agent had admitted to a cyber-attack.  The company has provided no official cause for the DNS outage.

So what does this have to do with the Blu-ray, the refrigerator, the gaming console, and the 60” LED LCD TV you have connected to the internet at home? So before I begin to explain, yes there are actually refrigerators that connect to the internet. 

The major concern is that the devices are often connected to the internet without proper security controls in place to protect them. According to a recent report on Forbes.com, vulnerabilities were recently discovered in “Smart” refrigerators that could allow hackers to send malicious emails from your refrigerator. The article, called These Devices May Be Spying On You (Even In Your Own Home), goes on to describe how both LG and Samsung Televisions were exploited to provide key network information, display what channels were being watched, and even use the embedded camera on the “Smart” TV to spy on people in their living room. The BBC has even reported that the display on an internet connected printer was hacked over a period of time to display a game of Doom.

Such reports got me thinking about the PlayStation and the X-box brands which both have cameras that connect to the consoles to enable more interactive game play. While no official reports of internet based attacks involving these consoles have been reported, it doesn’t mean they haven’t been hacked. The internet is full of reports of how these devices have been physically hacked to perform other uses and even connect to a PC. So what can you do to protect yourself? A good start is to change default admin usernames/passwords, restrict access to your Wi-Fi, use encryption on your devices/network, protect your credit cards (use gift cards), and most importantly be informed and use common sense.