Boaz Dolev, CEO of ClearSky, warned at the ICS Cybersec conference about the transformation of drinking machines and all innocent internet equipment of one kind or another - into zombies, through which the hackers will schedule attacks
"Not only computers can be used by an army of zombies who, on command, will cause a concentrated cyber attack. Also refrigerators, drinking machines, and any other Internet of Things component that is connected to the network may be used, and in fact has already been used - for such an attack," said Boaz Dolev, CEO of ClearSky.
Dolev spoke at the recent ICS Cybersec conference produced by People and Computers. The conference, which discussed cyber protection of vital infrastructures and control and command systems (SCADA), was held at the Avenue Conference Center in Kiryat Airport, with the participation of hundreds of professionals in the field. The moderators of the event were Yehuda Conforts, the editor-in-chief of People and Computers, and Daniel Ehrenreich, a cyber defense consultant and lecturer.
"I call 2017 the end of the age of innocence," Dolev said. "Everyone who is here in the hall - will be close to the attacks and will even experience them."
"This year, two critical events took place - at the beginning of the year, an attack on the electricity grid in Ukraine - the Russians decided they wanted to take down electricity grids and replaced firmware in command and control centers. And on November 17 - the Iranians decided they wanted to 'show' the Saudis and they simply activated Shamoon 2, created Chaos in many offices and networks in Saudi Arabia - starting with the airports, the central bank and other offices, they injected a cyber bomb into the computers On Thursday evening when everyone went on vacation, the virus deleted all the networks it was in and caused damage to thousands of computers and many systems."
According to him, "All Internet of Things devices have become zombie devices through which Internet attacks are carried out today. I'm not talking about protecting Internet of Things systems for the purpose of protecting factories, but a threat to everyone who is connected to the Internet by the very fact that there are Internet of Things devices that are connected to the network."
"Currently there are about six billion connected devices in the world," Dolev said. In 2020 there will be three times that and it will change the way we live. And this is not a new problem, but only a huge scope of an old problem - a Coke refrigerator that was connected to the Internet in 1982 at Carnegie Mellon was involved in a cyber attack (for practice). In the recent attacks in which the internet infrastructure of the internet address providers (DNS) in the United States fell, refrigerators participated. There are about 10,000 refrigerators connected to the Internet."
Internet of Things devices are very easy to attack
According to Dolev, it is very easy to attack Internet of Things devices - from routers to refrigerators. "It is possible to attack from the management interface through the password, through the place where it stores the information. The cost of the communication and computer component in all Internet of Things devices is very low - three to nine dollars."
"Internet of things devices lack the basic security infrastructure," Dolev said. "It is true that there are many people who are trying to regulate it. Right now the situation is that there is no security. There is basic security on several hundred million devices out of the six billion. But the rest is hacked. This is because of the architecture and because no one thought that these devices could be used by zombie systems in bot networks" .
"Today it is much simpler to gain control over Internet of Things devices, such as DVR cameras, routers, smart TVs, and use them to build networks with hostile code compared to personal computers," Dolev explained.
"Once you gained control over one manufacturer that produces one camera and you understood what the main password was, you gained control over all the cameras he distributed in the world. On a PC it becomes more complicated - the level of security has improved and you need to maintain control. For an Internet of Things device that has never been updated, you gained Controlling hundreds of thousands of devices at the same time is easier, and there is currently an army that can do anything you want as an attacker."
Dolev gave an example of this, saying that "on November 30, 900 Germans connected to Deutsche Telekom's Internet services found themselves without Internet. Someone remotely entered their routers and prevented access. As soon as we managed to gain control of one Deutsche Telekom router, The transition from it to 900 thousand routers is one click."
Harden the approach? Mistake!
"There is a huge set of devices waiting for a hacker or cybercriminal to come in and exploit them," he said. "I am CEO of a cyber company that provides security and intelligence services to prevent them from being harmed by cyber attacks. We have seen in the last two weeks since the release of the code through which it is possible to take control of all Internet of Things devices, because there are Russians who rent Internet of Things devices to carry out attacks on them."
"Once all the attackers realized that when they gain control of one device, they reach all of them, they will invest even if the password is stronger - they will find the weakness," Dolev explained. "At that moment they gained control over hundreds of thousands or millions of devices. The fact that we toughen the approach - will not help."
"We are producing hundreds of millions of devices that will be a great temptation for the population of cyber attackers. I am not optimistic about the next two years. It is clear that there will be measures and solutions such as blocking ports at the national level, but they also have their own drawback."
In conclusion, Dolev says, "The forecast for 2017 is that Internet of Things devices will become a tool to serve attacks and criminals on a level we did not know before. They will become, as zombies, a tool that will serve much more attacks. I assume that there will be such devices that will cause new types of cyber attack."