Monday, October 23, 2017

Cybersecurity tips from the FBI


In conjunction with National Cyber Security Awareness Month, the Federal Bureau of Investigation is re-iterating the growing concern of cybercriminals targeting unsecure Internet of Things (IoT) devices. The number of IoT devices in use is expected to increase from 5 billion in 2016 to an estimated 20 to 50 billion by 2020. Once an IoT device is compromised, cybercriminals can facilitate attacks on other systems or networks, send spam e-mails, steal personal information, interfere with physical safety, and leverage compromised devices for participation in distributed denial of service (DDoS) attacks.

IoT refers to a network of physical devices, vehicles, buildings, and other items (often called “smart devices”) embedded with electronics, software, sensors, actuators, and network connectivity enabling these objects to collect and exchange data. Below are examples of IoT devices:

  • Home automation devices (e.g., devices which control lighting, heating and cooling, electricity, sprinklers, locks);
  • Security systems (e.g., alarm systems, surveillance cameras);
  • Medical devices (e.g., wireless heart monitors, insulin dispensers);
  • Wearables (e.g., fitness trackers, clothing, watches);
  • Smart appliances (e.g., refrigerators, vacuums, stoves);
  • Office equipment (e.g., wireless printers, computer mouse, outlets, interactive whiteboards);
  • Entertainment devices (e.g., DVRs, TVs, gaming systems, music players, toys); and
  • Hubs (devices that control other IoT devices through a single app).

As more businesses and homeowners use Internet-connected devices to enhance company efficiency or lifestyle conveniences, their connection to the Internet provides new vulnerabilities for malicious cyber actors to exploit. In 2016 and 2017, cyber actors have demonstrated the ease in which IoT device vulnerabilities can be compromised and leveraged. Deficient security capabilities, difficulties in patching vulnerabilities, and a lack of consumer security awareness provide cyber actors with opportunities to exploit these devices.

In September 2016, cyber-actors using the Mirai botnet infected IoT devices—including routers, cameras, and digital video recorders—for the purpose of conducting DDoS attacks. The actors exploited openly accessible devices via the Internet with common default usernames and passwords.

In February 2017, a hacker compromised more than 160,000 printers with open connections to the Internet by scanning for those with specific open ports. The hacker claimed the devices were part of a botnet and sent print jobs to the affected printers.

In August 2017, a cyber actor released a list of over 33,000 usernames and passwords for IoT devices, including cameras, DVRs, and routers. While the majority of these devices were located in Asia and China, many of the devices were also found in the United States. A researcher conducted a test against this list and discovered many of these devices were almost instantly exploited, often taking less than two minutes between discovery and infection.

Unsecured or poorly secured devices provide opportunities for cybercriminals to intrude on private networks and gain access to other devices and information attached to these networks.

Cybercriminals often take advantage of default usernames and passwords to merge IoT devices with others into a large botnet. These botnets can facilitate DDoS attacks against popular Web sites or network resources. These attacks cause Web sites to run slow, prevent users from being able to connect, or potentially take down multiple Web sites associated with the network under attack.

Consumer Protection and Defense
It can be difficult to determine if an IoT device has been compromised. However, there are many reputable resources and tools available that search for vulnerable network devices. The following recommendations can be implemented to help secure IoT devices from cyber attacks.

  • Change default usernames and passwords. Many default passwords are collected and posted on the Internet. Do not use common words and simple phrases or passwords containing easily obtainable personal information, such as important dates or names of children or pets.
  • If the device does not allow the capability to change the access password, ensure the device providing wireless Internet service has a strong password and encryption.
  • Isolate IoT devices on their own protected networks.
  • Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding.
  • Review and implement device manufacturer security recommendations, if available. Consider turning devices off when not in use.
  • Research your options when shopping for new IoT devices. When conducting research, use reputable Web sites that specialize in cybersecurity analysis, provide reviews on consumer products, and support consumer advocacy.
  • Look for products from manufacturers with a track record of providing security to their Internet-connected products. Look for companies that offer firmware and software updates, and identify how and when these updates are provided.
  • Identify what data is collected and stored by the devices, including whether you can opt out of this collection, how long the data is stored, whether it is encrypted in storage, and if the data is shared with a third party. Also, identify what protections and policies are in place in case there is a data breach.
  • Ensure all IoT devices are up to date and security patches are incorporated when available.
  • Use current cybersecurity best practices when connecting IoT devices to wireless networks and when connecting remotely to an IoT device.
  • Invest in a secure router with robust security and authentication.

Most routers will allow users to whitelist, or specify which devices are authorized to connect to a local network. Whitelisting can be used to identify malicious network traffic from unauthorized devices and prevent them from making a connection.

Additional Resources
For additional information on cyber threats to IoT devices, please refer to "Internet of Things Poses Opportunities For Cyber Crime," available at https://www.IC3.gov/media/2015/150910.aspx and "Internet-Connected Toys Could Present Privacy and Contact Concerns for Children," available at https://www.IC3.gov/media/2017/170717.aspx.

Victim Reporting
If you suspect your IoT device(s) may have been compromised, contact your local FBI office and/or file a complaint with the Internet Crime Complaint Center at www.ic3.gov.

These tips are brought to you by the Warrendale (Detroit) Blog as part of our Tip of the Week feature. Please check back next week for more advice for your home, money, and life.

Friday, October 20, 2017

Michigan's namesake ship arrives in South Korea

USS Michigan arrives in South Korea/Photo courtesy of the US Navy
The Ohio-class guided-missile submarine USS Michigan arrived at Busan, South Korea on October 13 for a routine visit during a regularly scheduled deployment to the Western Pacific. During the visit Sailors will experience the culture and history of the Republic of Korea (ROK), as well as foster outstanding relations between the U.S. Navy, ROK military and the local Busan community.

“The U.S. and ROK navies have always enjoyed a strong relationship. Today, our relationship is stronger than it has ever been and our ironclad partnership is further reinforced by this visit from Michigan," said Rear Adm. Brad Cooper, commander, U.S. Naval Forces Korea. “Michigan Sailors were warmly welcomed by the ROK Navy today and I know they’ll receive the same wonderful welcome from the local community during their visit to Busan."

USS Michigan is one of four Ohio-class guided-missile submarines.  The Navy’s guided-missile submarines provide the Navy with unprecedented strike and special operation mission capabilities from a stealthy, clandestine platform. Armed with tactical missiles and equipped with superior communications capabilities, guided-missile submarines are capable of launching missile strikes and supporting Special Operation Forces missions.

 “Throughout this deployment, the crew has been extremely professional and dedicated,” said Capt. Gustavo Gutierrez, Michigan’s commanding officer. “Everyone on board is mission ready, and I’m proud of being their commanding officer.”

Measuring more than 560 feet long and weighing more than 18,000 tons when submerged, Michigan is one of the largest submarines in the world.

“We are looking forward to working with our [Republic of Korea Navy] partners and experiencing the Korean culture, which is a first for many of us,” said Gutierrez.

Michigan is the second submarine of the Ohio-class of ballistic missile submarines and guided missile submarines, and the third U.S. Navy Michigan to bear the name. Michigan is homeported in Bremerton, Washington and is forward deployed from Guam.

Editor's note: This post is a part of this blog's semi-regular Friday Focus series, which endeavors to highlight news and opinions that, in my opinion, don't get as much attention as they deserve.

Thursday, October 19, 2017

Rollover accident on Southfield Freeway

Rollover accident on Southfield Fwy. - Photo by Frank Nemecek
There has been a rollover accident on the northbound Southfield Freeway between Paul and W. Warren Ave. Police, firefighters, and an ambulance are on the scene.

Traffic in the area is at a virtual standstill. Motorists are advised to avoid the area, if possible.

Wednesday, October 11, 2017

Power outage in Warrendale

Screen grab from DTE Energy showing the areas without power
According to DTE Energy, 882 households in the Warrendale neighborhood are currently without power. These outages are happening in the area south of Whitlock and west of the Southfield Freeway in Detroit.

Crews are currently working to restore power. However, the utility does not have an estimate currently available as to when power will be restored throughout the neighborhood.