http://www.forbes.com/sites/kashmirhill/2014/08/13/so-many-pwns/
By Kashmir Hill
Forbes Staff
8/13/2014
There are technologists who specialize in “scanning the Internet.” They
are like a search team making its way through a neighborhood, but instead
of checking the knob of every door, they check Internet entrances to
online devices to see which ones are open. These people have been
screaming for some time that there is a lot of stuff exposed on the
Internet that shouldn’t be: medical devices, power plants, surveillance
cameras, street lights, home monitoring systems, and on and on. But
incredibly, their message doesn’t seem to get through, because their scans
keep on picking up new devices.
While talking about the issue at hacker conference Defcon on Sunday,
security engineer Paul McMillan sent his winged monkey scanners out
looking for computers that have remote access software on them, but no
password. In just that short hour, the results came pouring in: thousands
of computers on port 5900 using a program called VNC for remote access.
The total number is likely over 30,000. Those using the program failed to
password-protect it, meaning anyone who comes looking can see what they’re
doing, and manipulate their computers. McMillan set a scanner to take a
screenshot of every exposed computer it came across. I went through the
screens captured Sunday and saw people checking Facebook, playing video
games, watching Ender’s Game, reading Reddit, Skyping, reviewing
surveillance cameras, shopping on Amazon, reading email, editing price
lists and bills, and, of course, watching porn. I saw access screens for
pharmacies, point of sale systems, power companies, gas stations, tech and
media companies, a cattle-tracking company, and hundreds of cabs in Korea.
This isn’t just about watching people use their computers; the fact that
the scanner got in means anyone could manipulate the devices, changing the
power company’s settings, pausing the porn stream, going through a
company’s records, or reviewing the prescriptions for a pharmacy’s
patients.
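The condition McMillan's scanner keyed on is visible in the first few bytes of a VNC connection: after the server and client exchange an "RFB 003.00x" version banner, the server announces which security types it accepts, and type 1 means "None", no password at all. The following is an added example, not code from the article or from McMillan's or Tentler's tooling, that parses that handshake so an administrator can audit the servers they own: given a server's banner and its security-types message, it reports whether the server will hand over the desktop to anyone who connects. The message layouts follow the RFB specification (RFC 6143); the sample byte strings are constructed here, not captured from any real host, and the function names are this example's own.

```python
import re
import struct

# Security-type identifiers defined by the RFB protocol (RFC 6143).
SEC_INVALID = 0
SEC_NONE = 1          # no authentication: anyone who connects gets the desktop
SEC_VNC_AUTH = 2      # challenge-response against the VNC password
SEC_NAMES = {SEC_INVALID: "Invalid", SEC_NONE: "None", SEC_VNC_AUTH: "VNC Authentication"}

_VERSION_RE = re.compile(rb"^RFB (\d{3})\.(\d{3})\n$")


def parse_rfb_version(banner: bytes):
    """Parse the 12-byte 'RFB xxx.yyy\\n' ProtocolVersion message; return (major, minor)."""
    m = _VERSION_RE.match(banner)
    if not m:
        raise ValueError("not an RFB ProtocolVersion banner")
    return int(m.group(1)), int(m.group(2))


def parse_security_types(version, payload: bytes):
    """Parse the server's security message that follows version negotiation.

    RFB 3.3: one big-endian u32 security type chosen by the server (0 = refused).
    RFB 3.7/3.8: u8 count, then `count` u8 security types the client may pick from;
    a count of 0 means the server refused and a reason string follows.
    Returns the list of offered types (empty when the server refused)."""
    major, minor = version
    if major != 3:
        raise ValueError(f"unsupported RFB major version {major}")
    if minor < 7:
        if len(payload) < 4:
            raise ValueError("truncated 3.3 security message")
        (sec_type,) = struct.unpack(">I", payload[:4])
        return [] if sec_type == SEC_INVALID else [sec_type]
    if not payload:
        raise ValueError("truncated security-types message")
    count = payload[0]
    if count == 0:
        return []
    types = list(payload[1:1 + count])
    if len(types) != count:
        raise ValueError("truncated security-types list")
    return types


def assess_vnc_server(banner: bytes, security_payload: bytes):
    """Audit verdict for one server's handshake: 'unauthenticated' is True when the
    server offers security type None, which is exactly the exposure the scan found."""
    version = parse_rfb_version(banner)
    offered = parse_security_types(version, security_payload)
    return {
        "version": f"{version[0]}.{version[1]}",
        "offered": [SEC_NAMES.get(t, f"type {t}") for t in offered],
        "unauthenticated": SEC_NONE in offered,
        "refused": not offered,
    }


# Constructed sample handshakes (assumed byte strings, not captured from real hosts).
SAMPLE_OPEN_38 = (b"RFB 003.008\n", bytes([1, SEC_NONE]))           # offers only None
SAMPLE_AUTH_38 = (b"RFB 003.008\n", bytes([2, SEC_VNC_AUTH, 16]))   # VNC auth plus type 16
SAMPLE_OPEN_33 = (b"RFB 003.003\n", struct.pack(">I", SEC_NONE))    # old 3.3 layout, None
SAMPLE_REFUSED = (b"RFB 003.008\n", bytes([0]) + struct.pack(">I", 8) + b"Too many")

if __name__ == "__main__":
    samples = {"open-3.8": SAMPLE_OPEN_38, "auth-3.8": SAMPLE_AUTH_38,
               "open-3.3": SAMPLE_OPEN_33, "refused": SAMPLE_REFUSED}
    for name, (banner, payload) in samples.items():
        print(name, assess_vnc_server(banner, payload))
```

The two layouts matter in practice: older servers that still speak RFB 3.3 never send a list, they pick one type themselves, so an audit that only parses the 3.7+ count-prefixed form would misread a 3.3 server that chose "None". A server whose verdict comes back `unauthenticated: True` should be given a password, or better, moved behind an SSH tunnel or VPN so port 5900 is not reachable from the Internet at all.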
There is no need for hackers to go to great lengths to compromise these
computers; their owners have built in backdoors with no locks. “It’s like
leaving your computer open, unlocked and ready to rock in a crowded bus
terminal and walking away,” says security engineer Dan Tentler, who
presented with McMillan. Increasingly, everything is connected to the
Internet, and unfortunately, people don’t always know how to connect their
things securely.
“It’s important to remember that this scan only scratches the very surface
of the problem,” says McMillan. “We can’t legally scan for default
passwords, but I’m certain if we did, the results would be orders of
magnitude worse.”
[...]