Don’t Allow Adversaries to Crack the Code: How Testing Can Help Prevent Pivot Attacks
By: Reut Hackman, Chief Security Advisor at Cybrella, Tel Aviv
ssWith the sheer amount of unprotected data and information that exists in the IoT, the chances of cyberattacks have been steadily increasing, along with the need for innovative and experienced third-party cybersecurity companies.
As cybersecurity measures advance, so do the hacking methods. Rather than initially going for the most heavily protected assets, hackers now launch pivot attacks where they sneak in through vulnerable, unprotected gateways that have low assets and silently maneuver their way to the serious target. In short, they go through the backdoor.
The opportunity for pivot attacks greatly increased with the popularity of smart devices, such as the voice-activated assistant Amazon Alexa, which not only has access to great amounts of personal data like home privacy networks that contain garage codes, but can also listen into private conversations and in some rare cases, even record you . By using smart home devices as pivot points, hackers can make their way into your more heavily protected devices like your smartphone and launch their full attack there.
Insecure IoT devices prove to be easily exploitable in other fashions as well. In the case of the Mirai botnet, the botnet took advantage of vulnerable home IoT devices, like security cameras and baby monitors, by scanning big blocks of the internet for open Telnet ports and then attempting to log in using weak, default username/password combinations. The result: access to a multitude of compromised closed-circuit TV cameras and routers that were used for a large scale cyber-criminal exploitation.
Research on cybersecurity shows that third-party cybersecurity teams are essential for detection and protection against pivot attacks as they can identify pivot points through penetration testing, also known as ethical hacking. In addition, many third-party cybersecurity services protect against botnets by looking for vulnerabilities specific to the Mirai botnet, which is continuing to be reinvented in stronger, more dangerous ways; for example, they look for common usernames and passwords that are on Mirai’s list and recommend stronger choices.
At Cybrella, we provide client-specific advanced penetration testing, red teaming, and code review, which have been proven to be extremely beneficial in combating cyberattacks. Cybrella “red teams” simulate the most sophisticated hackers with malicious intent, identifying vulnerabilities that need to be further protected.
In addition, Cybrella performs Cyber Risk Assessments, which identify organization’s goals, assets, and data entry points, including pivot points. Our strategy for identifying criticality of assets is using the CIA (confidentiality, integrity, availability) triad model. Cybrella is an advanced and innovative third-party cybersecurity service which provides unique client-specific consulting, enabling organizations to feel safe in an increasingly hackable society.
Rapid advances in technology in Smart Cities are growing in parallel with advancements in Smart Factory and other Industrial IoT (IIoT). What makes them similar? The number of endpoints, for one, as deployments are growing larger and more complex.read more
For better or worse, technology is taking over. And I don’t mean in the obvious “everybody is connected to their smartphone” kind of way. Rather, in a more holistic and invasive way, we are letting technology reach and control every little aspect of our lives.read more
The Industrial Internet Consortium recently announced the publication of the Data Protection Best Practices White Paper, as another collaborative step in establishing data security, privacy and trust enhancements across multiple devices, sensors, gateways, applications, clouds and systems being deployed in industrial settings.read more