9/20/2011 12:19 PM ET|
Hackers can control car, TV or home
In a widely wired world, vulnerability to cybercrime is increasing, and not just on your PC. Hacking targets now include Internet TVs, cars, medical devices and home security systems.
If anything in your home communicates data over a network or to an outside source, it can be hacked.
That's the harsh reality that online-security companies such as Symantec and Superior Solutions face, and one device-centric security firm -- Mocana -- is preparing for a post-PC world where everyone is wired and every device from a smartphone to the kitchen refrigerator is connected to a network. Even without hackers figuring out how to access every corner of a user's life, cybercrime is becoming a big industry.
A report released by Symantec earlier this month found that cybercrime cost victims $388 billion in time and money last year alone, hitting 431 million people in 24 countries. That number is rising steadily; the 54% of online adults who were victims of computer virus or malware attacks this year is up from 51% last year. Attacks against mobile devices are soaring as well, with Kapersky Labs finding that 65% more smartphones, tablets and other devices were targeted for malware attacks last year, compared with 2009.
A Mocana survey, meanwhile, found that 64% of professionals at companies including Apple, AT&T, Intel, IBM and Microsoft had experienced an attack on a non-PC device that required the attention of their IT staff. An additional 54% said that attack disrupted the company's network, but 51% said their companies still didn't update security or create patches to protect information on devices.
Researchers at Germany's University of Ulm discovered that Google Android devices not updated to the latest version of their operating system put calendar data, phone numbers, home addresses and email addresses at risk each time they connect to a network, making personal smartphones and tablets prime hacking targets. The hacking of Sony's PlayStation Network back in April, the ensuing shutdown and the exposure of nearly 100 million users' information brought the hacking problem home, without involving a PC, a tablet or even a smartphone to get in.
"If you look at every sector of the economy, it's consumer electronics, it's smart-grid and smart-energy infrastructure, it's health care and medical devices, it's industrial control, it's aerospace and defense, it's retail and it's transportation logistics," says Adrian Turner, the chief executive of Mocana. "All of those markets have or will have connected devices."
We spoke with executives at Mocana and Superior Solutions and found that security flaws on the following items allow as much access for hackers as a lockless door would for a passing burglar:
There's some great, convenient, connected technology out there that makes life in the living room a lot easier. Those devices also make it a lot easier for hackers to get your information, passwords and even money as you use your HDTV to play around on the Internet.
"In the home, you have this whole other phenomenon, which is the explosion of phones, tablets and the next big wave, which is Internet-connected TVs," says Turner. "According to Moore's Law and the fact that we think in a linear way and don't realize how powerful these computers are getting -- or that $1 worth of computer power today will be worth 3 cents in five years -- we don't realize that these TVs are as powerful as the computers that were sitting on our desk 10 years ago."
Mocana bought several of the most popular Internet TVs just before the last holiday season and discovered that they were wide open to attacks. While most online TV functions are as benign as checking the weather with a Weather Channel app, getting scores through a Fox Sports app or cruising a Netflix queue, applications such as Amazon On-Demand pay-per-view -- which give hackers a financial incentive to access your network and steal passwords and other information -- prove problematic even when secured.
The holes in current Internet-TV security are just wide enough to allow hackers to present fake credit card forms and fool consumers into giving up their private information; intercept and redirect Internet traffic, which can trick consumers into thinking fake bank and shopping websites are legit; or steal TV manufacturers' digital "corporate credentials" to access a user's search engine or video-streaming and photo-sharing services.
The Sony hacks hit users through a network, but Internet televisions cut out the middleman entirely if they're not properly secured. That's upsetting now, but it could become much more troublesome by 2015, the year television market-research group DisplaySearch says 500 million Internet-connected TVs will be sold worldwide.
"There are issues with the majority of customers we work with, and a lot of the problem is implementation," Turner says. "You look at the Sony PS3 incident, and that was a well-thought-through, multilayered security model where they made some poor decisions when it came to implementation."
Home security systems
Sure, it's great that you can control your alarms, locks and remote notification through your smartphone and check your security cameras online. Just realize that means hackers can use those same commercial-friendly conveniences against you if they're able to access your home security system.
"People tend to think of these things as very different, but they're actually the same from a security perspective," says Turner, whose company also provides security software for video surveillance equipment, security systems and even Honeywell's building automation systems. "It's an Internet-connected device, it has a certain processor and operating system, and it's that combination of OS and CPU that people looking to break into a system or automated scripts to find devices are looking for."
VIDEO ON MSN MONEY
Hacking is a problem because of all the holes and backdoors microsoft leaves in its OS. Holes that are mandated by the government. The government doesnt want our systems to be hack proof. Because they are the biggest hackers of them all.
You make a hack proof OS, and I guarantee the government would outlaw it.
Makes me kind of glad I drive a car that pre-dates computerization all together.
No one's thoughts are private.
Have your door locks changed once by a locksmith and someone can be taking a peek inside your home within a week. The locksmiths have had their brains pick-able for the last decade too.
Everyone and their brother knows your SS#, DOB, full name, mother's maiden, account numbers and past addresses.
Oh yeah, the govt knows. Some politicians must be getting huge kickbacks from the pharmaceutical industry. Their greed is going to ruin Social Security by bothering so many people with the voices. The victims just want to work, enjoy a few luxuries and be left alone but they are tortured instead.
Now the shrinks say anyone is capable of hearing the voices at any time, so you bet someone can take a look at anyone, anytime and anywhere. Your bank deposit and even your bedroom are not private.
Psychiatry is a sleazy profession, just like politics.
Just maybe we should have left things the way they were, no computers(control circuit boards) in washers, refrigerators, TVs, cars, and other appliances. This technology is too easily hacked.
Hopefully, my TV won't order a good movie, or sports pay per view when I'm not home and my refrigerator order a twelve pack of beer to drink while watching the TV event... They can at least wait till I'm home.....
The other day a hacker "hacked" my dog and made him take a dump on my wife's favorite rug. When will the govt. finally start doing something!
Oh you mean the music that was originally STARTED by black people? Let me know if you would like another cup of owned, sir.
Says the guy that posted this using a computer networking system...Unless you live in the boonies and / or like a mormon in Va, your post holds no weight. Even using electricity is using technology.
Copyright © 2014 Microsoft. All rights reserved.
Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.
RECENT ARTICLES ON IDENTITY THEFT
Redrawn lines between full- and part-timers at Sodexo decide who is eligible for coverage.