Top 5 IoT Hacks

In this article you can get top 5 IoT hack which can ease and safe your life. The Internet of Things (IoT) automates your lives by connecting everything around you from your cars to your homes to even your bodies.

On the other side of the spectrum is the concern for the safety and security of your data. All data is interconnected, which reduces the efforts needed by hackers to hack the entire system. A large number of Internet-connected devices lack even the most basic cyber security protocols, making these hackable in minutes. And even though most secure and trusted machines give hackers a tough time, one tiny loophole is sufficient for them to steal your data.

You are on the driving seat, but it is not you who is driving

Hack iot car

Charlie Miller and Chris Valasek, automotive cyber security researchers, have proved that hacking Jeeps is child’s play for them, especially because all carmakers are doing their best to turn an automobile into a smartphone. Uconnect, an Internet-connected computer feature in hundreds of thousands of Fiat Chrysler cars, sport utility vehicles (SUVs) and trucks, controls the vehicles’ entertainment and navigation, enables phone calls and offers Wi-Fi hot spots. Uconnect’s mobile connection lets anyone who knows the car’s Internet Protocol (IP) address gain access from anywhere in the world. In 2015, the duo attacked a Jeep over the Internet, from a distance of around 15 kilometres. They toyed with the air-conditioning, radio and windshield wipers, disabled brakes at low speeds and managed to paralyse the vehicle. This made Chrysler announce for a recall of 1.4 million vehicles and fix the vulnerabilities. But now these researchers have come out with better hacking tricks.

Adventures of Barnaby Jack

Barnaby Jack, a hacker programmer and computer security expert, has managed to hack multiple devices including automatic teller machines (ATMs), pacemakers, ear implants and insulin pumps. At Black Hat conference in 2010, he gave a presentation on jackpotting, or exploiting ATMs to make these dispense cash without using a bank’s debit or credit card. Jack gave demonstrations about different kinds of attacks involving physical access to the machines and completely automated remote attacks. In both cases, malware was injected into the operating system of the machines, causing these to fraudulently dispense currency on the attacker’s command. During the remote attack, malware was installed on the target system via exploited vulnerabilities in the remote management system, most notably the use of default passwords and remote management transmission control protocol (TCP) ports. The attacker then executed the malware, causing the target ATM to dispense a given amount of currency. Jack has also developed software that allows him to remotely send an electric shock to anyone wearing a pacemaker within a 15 metres radius.

World’s first digital weapon

World’s first digital weapon
World’s first digital weapon

Stuxnet, a highly sophisticated computer worm was discovered in 2010 and was essentially termed the world’s first digital weapon. It was developed by American and Israeli governments, and was used to wreak havoc on an Iranian nuclear facility called Natanz. It targets industrial control systems that are used to monitor and control large-scale industrial facilities like power plants, dams, waste-processing systems and similar operations. It allows attackers to take control of these systems without the operators knowing. Attack using Stuxnet was the first one that allowed hackers to manipulate real-world equipment, thereby making it very dangerous. It was the first computer virus to be able to wreak havoc in the physical world.

A kindle of devices attacked at once

A kindle of devices attacked at once
A kindle of devices attacked at once

A massive Distributed Denial of Service (DDoS) attack against Dyn, a major domain name system (DNS) provider, broke large portions of the Internet in October 2016, causing significant outage to a ton of websites and services, including Twitter, GitHub, PayPal, Amazon, Reddit, Netflix and Spotify. According to security intelligence firm Flashpoint, Mirai bots were detected driving much, but not necessarily all, of the traffic in the DDoS attacks against DynDNS. Mirai is a piece of malware that targets IoT devices such as routers, security cameras and DVRs, and enslaves vast numbers of these compromised devices into a botnet, which is then used to conduct DDoS attacks. Since the source code of Mirai botnet has already been made available to the public, anyone can wield these attacks against targets.

Not-so-smart refrigerator

Not-so-smart refrigerator
Not-so-smart refrigerator

White-hat hackers, or ethical computer hackers, at Pen-Test Partners were able to use fake security credentials to intercept communications between the fridge and Google Calendar. Besides the fridge, the hackers also found 25 vulnerabilities in 14 allegedly smartdevices including scales, coffee makers, wireless cameras, locks, home automation hubs and fingerprint readers. The hack was pulled off against smartfridge, part of Samsung’s line-up of Smart Home appliances that can be controlled via their Smart Home app. While the fridge implements SSL, it fails to validate SSL certificates; thereby, enabling man-in-the-middle attacks against most connections.

[td_smart_list_end]

To sum it, the threats are real and our data is prone to attacks. Therefore while using IoT devices make sure that security is built on the foundation of the system and validity checks, authentication, data verification and encryption is carried out frequently.

Hope you enjoy this information please speak with us via comments.

By Tell Me How

It is a technology blog and admin has excellent experience in programming from 5+ year. You can contact us at ceo.tellmehow@gmail.com

Share your thoughts

Leave a Reply

Loading Facebook Comments ...
Loading Disqus Comments ...