Archive for the ‘IoT’ Category

IoT botnet creator cops plea to hacking more than 800,000 devices

September 4th, 2019
A judge's gavel on a desk.

Enlarge (credit: Getty Images | Marilyn Nieves)

A 21-year-old Washington man has pleaded guilty to creating botnets that converted hundreds of thousands of routers, cameras, and other Internet-facing devices into money-making denial-of-service fleets that could knock out entire Web hosting companies.

Kenneth Currin Schuchman of Vancouver, Washington, admitted in federal court documents on Tuesday that he and two other co-conspirators operated Sartori and at least two other botnets that collectively enslaved more than 800,000 Internet-of-Things devices. They then used those botnets to sell denial-of-service attacks that customers could order. Last October, while on supervisory release after being indicted for those crimes, Schuchman created a new botnet and also arranged a swatting attack on one of his co-conspirators, the plea agreement, which is signed by the hacker, said.

The crime outlined in the court documents started with the advent in late 2016 of Mirai, a botnet that changed the DDoS paradigm by capitalizing on two salient features of IoT devices: their sheer numbers and their notoriously bad security. Mirai scanned the Internet for devices that were protected by an easy-to-guess default password. When the botnet found one, it corralled it into a botnet that could overwhelm even large targets with more junk traffic than they could handle.

Read 6 remaining paragraphs | Comments

Posted in Biz & IT, botnets, DDoS, Denial of Service, Internet of things, IoT, Policy | Comments (0)

Microsoft catches Russian state hackers using IoT devices to breach networks

August 5th, 2019
A script used to maintain network persistence.

Enlarge / A script used to maintain network persistence. (credit: Microsoft)

Hackers working for the Russian government have been using printers, video decoders, and other so-called Internet-of-things devices as a beachhead to penetrate targeted computer networks, Microsoft officials warned on Monday.

“These devices became points of ingress from which the actor established a presence on the network and continued looking for further access,” officials with the Microsoft Threat Intelligence Center wrote in a post. “Once the actor had successfully established access to the network, a simple network scan to look for other insecure devices allowed them to discover and move across the network in search of higher-privileged accounts that would grant access to higher-value data.”

The officials continued:

Read 5 remaining paragraphs | Comments

Posted in APT28, Biz & IT, Fancy Bear, Internet of things, IoT, Strontium | Comments (0)

Baltimore’s bill for ransomware: Over $18 million, so far

June 5th, 2019
Baltimore City Hall, where the ransomware battle continues.

Enlarge / Baltimore City Hall, where the ransomware battle continues. (credit: Alex Wroblewski/Getty Images)

BALTIMORE—It has been a month since the City of Baltimore's networks were brought to a standstill by ransomware. On Tuesday, Mayor Bernard "Jack" Young and his cabinet briefed press on the status of the cleanup, which the city's director of finance has estimated will cost Baltimore $10 million—not including $8 million lost because of deferred or lost revenue while the city was unable to process payments. The recovery remains in its early stages, with less than a third of city employees issued new log-in credentials thus far and many city business functions restricted to paper-based workarounds.

"All city services remain open, and Baltimore is open for business," Mayor Young said at the briefing, listing off critical services that had continued to function during the network outage. City Finance Director Henry Raymond called the current state of systems "not ideal, but manageable"—some emails and phone services have been restored, and many systems have remained online, but payment processing systems and other tools used to handle transactions with the city remain in manual workaround mode. Department of Public Works director Rudy Chow warned residents to expect a larger-than-normal water bill in the future, as the city's smart meters and water billing system are still offline and bills cannot be generated.

Parking tickets and tickets generated by the city's speed and red light cameras can be paid in person if the ticket is in hand. The city has regained the data for all parking and camera-generated violations up to May 4, but it still lacks the ability to look up violations without the physical paper ticket or process payments electronically, city officials said. And the same is true for many other interactions with the city, which currently require mailing or hand-delivering paper documents and manual workarounds.

Read 6 remaining paragraphs | Comments

Posted in Baltimore ransomware attack, Biz & IT, EternalBlue, FBI, IoT, Maryland, NSA, Policy | Comments (0)

Blockchain, zero-code machine learning coming to Azure

May 3rd, 2019
Blockchain, zero-code machine learning coming to Azure

Enlarge (credit: Caetano Candal Sato / Flickr)

Microsoft's annual developer conference kicks off on Monday, and the company will no doubt have all manner of things to announce for Azure and, if we're lucky, Windows. To whet our appetites, the company has unveiled a crop of new Azure and Internet-of-Things services with, as we should no doubt expect these days, a focus on machine learning and blockchain.

First up are some new capabilities under the cognitive-services banner. These are the services that are most similar to human cognition: image recognition, speech-to-text, translation, and so on. Microsoft is adding a new category of service that it's calling "Decision." In this category are services that make recommendations to aid decision-making. Microsoft is putting some existing services into this category: Content Moderator (which tries to automatically detect offensive or undesirable text, images, and video) and Anomaly Detector (which examines time series data to find outlier or anomalous events). To these, Microsoft is adding Personalizer, which learns about a user's preferences and makes recommendations accordingly.

Microsoft is also offering previews of its Ink Recognizer (which turns handwriting into machine-readable text) and Form Recognizer, which can extract structured data from hand-filled forms. Cognitive Search, which uses machine learning to enable searching across disparate data types (such as OCR-scanned images, PDFs, and handwritten notes) is being promoted to general availability.

Read 3 remaining paragraphs | Comments

Posted in azure, cloud, edge computing, IoT, machine learning, microsoft, Tech | Comments (0)

New variants of Mirai botnet detected, targeting more IoT devices

April 9th, 2019
New variants of Mirai botnet detected, targeting more IoT devices

Enlarge (credit: BeeBright/Getty Images)

Mirai, the “botnet” malware that was responsible for a string of massive distributed denial of service (DDoS) attacks in 2016—including one against the website of security reporter Brian Krebs—has gotten a number of recent updates. Now, developers using the widely distributed "open" source code of the original have added a raft of new devices to their potential bot armies by compiling the code for four more microprocessors commonly used in embedded systems.

Researchers at Palo Alto Networks’ Unit 42 security research unit have published details of new samples of the Mirai botnet discovered in late February. The new versions of the botnet malware targeted Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors. These processors are used on a wide range of embedded systems, including routers, networked sensors, base band radios for cellular communications and digital signal processors.

The new variants also include a modified encryption algorithm for botnet communications and a new version of the original Mirai TCP SYN denial-of-service attack. Based on the signature of the new attack option, Unit 42 researchers were able to trace activity of the variants back as far as November 2018.

Read 3 remaining paragraphs | Comments

Posted in altera, Biz & IT, botnets, Internet of things, IoT, mirai, OpenRisc, Xilinx, Xtensa | Comments (0)

Brace yourselves: New variant of Mirai takes aim at a new crop of IoT devices

March 18th, 2019
Brace yourselves: New variant of Mirai takes aim at a new crop of IoT devices

Enlarge (credit: LG)

Mirai, the virulent Internet of Things malware that delivered record-setting denial-of-service attacks in 2016, has been updated to target a new crop of devices, including two found inside enterprise networks, where bandwidth is often plentiful, researchers said on Monday.

The malware infects webcams, routers, DVRs, and other Internet-connected devices, which typically ship with default credentials and run woefully outdated versions of Linux that are rarely, if ever, updated. The rapidly spreading Mirai first made a name for itself in 2016, when it helped achieve record-setting DDoS attacks against KrebsOnSecurity and French Web host OVH.

A newly discovered variant contains a total of 27 exploits, 11 of which are new to Mirai, researchers with security firm Palo Alto Networks reported in a blog post Monday. Besides demonstrating an attempt to reinvigorate Mirai’s place among powerful botnets, the new exploits signal an attempt to penetrate an arena that's largely new to Mirai. One of the 11 new exploits targets the WePresent WiPG-1000 Wireless Presentation systems, and another exploit targets LG Supersign TVs. Both of these devices are intended for use by businesses, which typically have networks that offer larger amounts of bandwidth than Mirai’s more traditional target of home consumers.

Read 8 remaining paragraphs | Comments

Posted in Biz & IT, botnets, Distributed Denial of Service attacks, Internet of things, IoT, mirai | Comments (0)

Google boasts 1 billion Assistant devices—10x Amazon Alexa’s install base

January 7th, 2019
Some of the many things that can run the Google Assistant.

Enlarge / Some of the many things that can run the Google Assistant.

The Consumer Electronics Show (CES) kicks off this week, and the show promises to be a voice command battleground. Before Google Assistant and Amazon Alexa start duking it out on the show floor, Google wants to let the world know just how many devices have access to the Google Assistant: a cool billion. Google says it expects to hit one billion Google Assistant devices by the end of the month—that's the total install base of devices that allow the user to issue voice commands to the Google Assistant.

Thanks to a report from The Verge, we also have really recent numbers for Alexa. Amazon just announced there are 100 million Alexa devices out there, so if we're treating all devices as equal, Google has ten times as many voice command devices in the wild than Amazon.

The Google Assistant launched in 2016 on the Google Pixel phone and since then has spread to a ton of devices. There's a range of smart speakers like the Google Home line and third-party devices from JBL, Sony, Panasonic, LG, and more. There are smart displays like the Google Home Hub and third-party offerings from Lenovo, JBL, and LG. With a phone running Android Auto, you can have access to the Assistant from your car's infotainment screen. For TVs, there's both Sony and LG displays with Android TV and the Assistant built in, set-top boxes from Nvidia and Xiaomi, and even a plan for smart soundbars. For laptops, Google-built Chrome OS devices all have access to the Google Assistant, and it sounds like it's going to be a standard feature on all Chrome OS devices soon. If you make the mistake of buying a Wear OS device, you can get the Assistant on your watch, and it's even available on some Nest cameras.

Read 3 remaining paragraphs | Comments

Posted in alexa, amazon, Android, ces2019, google, Google Assistant, IoT, Tech | Comments (0)

Even KitchenAid is making a Google Smart Display—and it’s water resistant

January 7th, 2019
Even KitchenAid is making a Google Smart Display—and it’s water resistant

Enlarge (credit: KitchenAid)

It's CES week, and we have a new Google-powered smart display to talk about. A big feature of these smart displays is a visual and audio walkthrough of cooking recipes, and with Google's platform open to third parties, it only makes sense that traditional kitchen appliance manufacturers would want to get in on the action, right? Enter the KitchenAid Smart Display, which takes all the features and functionality of Google's smart display platform (reference the Google Home Hub and Lenovo Smart Display) and wraps it up with an appliance name that will feel right at home next to your mixer or refrigerator.

The KitchenAid Smart Display sounds a lot like the other third-party Google Smart Displays, with a 10-inch touchscreen and the usual Google Assistant software with smart home controls. KitchenAid is bringing two big hardware features to the table, though. First, compared to other third-party Google Smart Displays from JBL, LG, and Lenovo, this is a very compact design for something with a 10-inch display. Second, the KitchenAid has an IPX-5 water resistance rating. KitchenAid says the device is "rated for resistance to faucet water," so you can actually wash the smart display in the sink after a messy cooking session (though you should probably unplug it first).

Besides running the same interface you'd find on the Google Home Hub or the Lenovo Smart Display, KitchenAid is throwing in extra voice commands for its Yummly cooking app. The press release says you'll get "Yummly voice and visual meal planning and guided cooking functionality," but keep in mind this is in addition to the usual cooking guidance that is already built into the Google smart display software.

Read 1 remaining paragraphs | Comments

Posted in CES 2019, IoT, kitchenaid, smart things, Tech | Comments (0)

June postscript: 5 unusual things you can make in an Internet-connected oven

December 31st, 2018
Baked churros

Enlarge / The air-fried "churros" were delicious, but they tasted nothing at all like churros. (credit: Megan Geuss)

Earlier this month, Ars reviewed the June Oven, an Internet-connected, seven-in-one device that pushes the boundaries of the traditional toaster oven. Overall, I felt pretty positive about the June, especially the internal camera that allows you to watch your food cook (and share that view with others if you so desire).

But I mostly tested more traditional foods in the oven. After all, the best way to tell if a new toaster oven is any good is to see if it makes your best recipes more deliciously/reliably than your old toaster oven. I tried out some new things, of course: I hardboiled eggs (good!), baked bacon (bad!), and dehydrated kale chips (yummy but energy intensive!).

Before I send the June Oven back to its maker (in a box, with postage, not in a violent way of course) I wanted to test out five of the more unusual recipes that I found in June's app cookbook. The cookbook that's included in the June app is surprisingly well-populated with recipes specifically tailored to this IoT toaster oven, including a number of recipes that you'd never think to use a toaster oven for.

Read 14 remaining paragraphs | Comments

Posted in Biz & IT, Cooking, IoT, June, kitchen tech, Tech | Comments (0)

Logitech disables local access on Harmony Hubs, breaks automation systems [Update]

December 19th, 2018
Logitech disables local access on Harmony Hubs, breaks automation systems [Update]

Enlarge (credit: Logitech)

Update, Dec 21, 2:47pm: In response to customers' frustration, Logitech issued another statement today with instructions on how to enable private local API controls. The company created a new XMPP beta program that will give users access to the local controls that were removed in the most recent Harmony Hub firmware update. Logitech plans to release an official firmware update with XMPP controls in January.

Original story

Many users of Logitech's Harmony Hub smart home hub and remote were recently met with a nasty surprise. The device's latest firmware update, version 4.15.206, reportedly cuts off local access for Harmony Hubs. As a result, many users who created home automation and smart home systems using third-party APIs haven't been able to control many, and in some cases, all of their connected IoT devices.

Read 9 remaining paragraphs | Comments

Posted in API, harmony hub, home automation, IoT, local access, Logitech, smart home, Tech | Comments (0)