Don't let your Web-linked devices turn into 'zombies'

More hackers are targeting Web-connected devices such as webcams and sensors. Basic ways to guard against hackers include changing the default passwords on new devices, performing regular software updates and purchasing trusted equipment, say cyber-s
More hackers are targeting Web-connected devices such as webcams and sensors. Basic ways to guard against hackers include changing the default passwords on new devices, performing regular software updates and purchasing trusted equipment, say cyber-security experts.PHOTO: MARCUS TAN FOR THE STRAITS TIMES

Take steps to prevent gadgets from being infected and used in cyber attacks: Experts

Change the default passwords on new devices, perform regular software updates and purchase trusted equipment.

Cyber-security experts say these are the basic things users should do to prevent their computers and other Web-connected devices from being infected and turned into "zombies", which can then be used to launch cyber attacks without their knowledge.

More hackers are targeting Web- connected devices - also known as Internet of Things (IoT) devices - such as routers, webcams and sensors. "Such devices are prime targets for hackers as they are designed to be plugged in and forgotten after basic set-up," said Mr Nick Savvides, a security advocate from anti-virus software firm Symantec.

Infected devices were the cause of disruptions to telco StarHub's Internet services recently.

Bug-ridden computers and devices from StarHub's subscribers were turned into "zombie" devices that were able to repeatedly send queries to StarHub's domain name system, overwhelming it and causing it to crash from the strain.

Prevention is better than cure in such situations, as infected routers and other devices can be difficult to diagnose. Users cannot install anti- virus software on them like they can on a computer.

THINK SECURITY DURING DESIGN

Security needs to be considered at the design phase of the software development cycle, rather than as a bolt-on product or afterthought.

MR MICHAEL LEE, a security evangelist at RSA Asia-Pacific and Japan.

"It is hard for a consumer to check to see if their devices have been infected as the devices do not look any different," said Mr Michael Smith, Akamai's chief technology officer of security for the Asia-Pacific and Japan. "Most of the signs are very subtle and could be the same as signs of a bad network connection."

The easiest way for hackers to gain access and infect such devices is simply to run a program that attempts to log on to them with the default passwords that the devices come with.

Users should hence change all default passwords on their devices. Even though some come with complex passwords with a mix of letters and numbers, they are still not safe.

"While these may seem like they are strong, randomly generated passwords, they may be generated algorithmically and thus more easily brute-forced," said senior research fellow Nick FitzGerald from security software maker ESET, referring to the process of guessing a password by going through all possibilities with a program.

Be diligent in updating devices' firmware

He said that for those who suspect their IoT devices may be infected, resetting them to their default settings could clear any malicious agents that infected them.

But it could take just 10 minutes for the devices to be re-infected if their default passwords are not changed after they have been reset.

 

Hackers can also gain access to IoT devices by exploiting flaws in their software, which they then reprogramme for their own ends.

"The firmware of IoT devices and home routers is rarely updated, leaving known exposures viable for months or years," said Mr Naveen Bhat, Asia-Pacific managing director of network security firm Ixia.

Users therefore need to be diligent about updating the firmware of their IoT devices as well, as manufacturers may push out security patches that fix such problems in their products.

Other experts say consumers should purchase devices from trusted sources and that come with the necessary security firmware.

Mr Michael Lee, a security evangelist at RSA Asia-Pacific and Japan, said routers, for example, can come with features that force users to change the default credentials and passwords upon first use.

This is an area manufacturers can improve in to make their devices less vulnerable. Mr Lee said: "Security needs to be considered at the design phase of the software development cycle, rather than as a bolt- on product or afterthought."

A version of this article appeared in the print edition of The Straits Times on October 31, 2016, with the headline 'Don't let your Web-linked devices turn into 'zombies''. Print Edition | Subscribe