Millions of Insecure Devices Share The Same Keys

So how would it be if you found out that the key to your house also worked at your neighbor’s house? What if it turned out the builder in your subdivision used the exact same lock on every house they built, and your key could get you into every house in your neighborhood?

This is essentially the situation that security researchers at SEC Consult discovered with a host of Internet-connected devices. Millions of routers, web cameras, DVRs and other devices share the same encryption key that is used for remote access and management. Some of these devices are the same Ubiquiti cable modems we reported about earlier. The weakness is in the use of HTTPS and SSH keys baked into the firmware of these devices. This leaves them all vulnerable to exploitation in a single attack. These devices are accessible from the Internet because in many cases the remote management feature was active by default, and had not been disabled at the time of installation.

There are a couple of great articles that go into detail if you are interested.  The links are below.  The take-aways here are the same:

  • Disable remote administration
  • Change all default users and passwords
  • Change your cryptographic keys from the default too.
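One way to check your own devices for the shared-key problem described above, as an added example that is not from the original post: it reads SSH host keys in `ssh-keyscan` output format and reports any key presented by more than one host. The sample inventory, its addresses and its key blobs are constructed for the demonstration, and `sample_blob` is a hypothetical helper.

```python
import base64
import binascii
import hashlib
from collections import defaultdict


def fingerprint(b64_blob: str) -> str:
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the raw key blob."""
    raw = base64.b64decode(b64_blob, validate=True)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def shared_keys(scan_text: str) -> dict:
    """Map fingerprint -> sorted hosts, for keys presented by more than one host."""
    hosts_by_fp = defaultdict(set)
    for line in scan_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blank lines and '#' banner comments
        parts = line.split()
        if len(parts) < 3:
            continue  # not "<host> <keytype> <blob>"
        host, blob = parts[0], parts[2]
        try:
            # A set means a host scanned twice is not counted as sharing with itself.
            hosts_by_fp[fingerprint(blob)].add(host)
        except (binascii.Error, ValueError):
            continue  # truncated or corrupted key material
    return {fp: sorted(h) for fp, h in hosts_by_fp.items() if len(h) > 1}


def sample_blob(seed: bytes) -> str:
    # Constructed stand-in for a key blob; real blobs come from the scan output.
    return base64.b64encode(seed * 8).decode()


# Constructed sample inventory (documentation-range addresses, made-up keys).
SAMPLE_SCAN = "\n".join([
    "# 192.0.2.10:22 SSH-2.0-example",
    f"192.0.2.10 ssh-rsa {sample_blob(b'firmware-default')}",
    f"192.0.2.11 ssh-rsa {sample_blob(b'firmware-default')}",
    f"198.51.100.7 ssh-rsa {sample_blob(b'firmware-default')}",
    f"192.0.2.20 ssh-rsa {sample_blob(b'regenerated-on-device')}",
    "192.0.2.30 ssh-rsa not*valid*base64",
])

if __name__ == "__main__":
    for fp, hosts in shared_keys(SAMPLE_SCAN).items():
        print(f"{fp} is shared by {len(hosts)} hosts: {', '.join(hosts)}")
```

Any fingerprint this reports on devices you manage means those devices are still using a key that was not generated on the device, so regenerate it there.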

More information:

 


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com
