Question 397

Question Answered step-by-step For these “white hat” hackers, the key to building a successful defenseis to find weaknesses and fix them before someone else breaks in. Given the ubiquity of online communication, plugging security flaws is critical at all scales, whether it’s protecting someone’s bank account or, say, preventing the hacking of political campaigns to influence a national election.Margulies acknowledges he’s not a great hacker — he’s better at identifying security vulnerabilities than actually replicating the destructive coding and social engineering tactics of malicious hackers. But searching for electronic fault lines is still second nature, even when he’s not at work. “You can’t help trying to break things all the time,” he says. So, there he was, in 2015, with a brand-new gizmo in hand, a new system to break.He wanted to know: How vulnerable is this new garage door opener? Could someone hack it and enter uninvited?A smart opener connects to his home network, so just as a burglar who gets into a house could rummage from room to room, a malicious intruder who’s taken control of the garage door could access every other connected device in the home — phones, televisions, laptops and all their data.It’s home invasion, in bed with identify theft.So Margulies began to map fatal flaws in his new opener’s digital design. Could he, effectively, break into his own house?HACK ALL THE THINGS!Security experts are both thrilled and anxious about the internet of things (IoT), the ever-growing collection of smart electronic gadgets that interact with the world around them. It includes devices like Margulies’ new garage door, as well as refrigerators you can text to see if you’re low on milk and tennis rackets that offer tips on a better backhand — even smart sex toys. The technology research firm Gartner estimates that 6.4 billion such IoT devices were connected online in 2016, and that number doesn’t include smartphones, tablets or laptops.But buyer beware: Smart devices prize convenience and novelty, not security. “The challenge with IoT is that the market is so enthusiastic right now — connected devices are super cool,” says Ted Harrington, a San Diego-based partner at Independent Security Evaluators, the company that first hacked an iPhone in 2007. “The problem is that this enthusiasm is really overshadowing the security challenges.”On Oct. 21, 2016, those challenges burst out of the shadows. Three times that day, hackers launched attacks against Dyn, a company that reads the URL you type in a web browser and directs you to a webpage — a kind of digital phone book. The onslaught persisted for six hours, blocking or slowing access to dozens of prominent websites, including Netflix, Twitter and Amazon. This type of event is known as a distributed denial-of-service (DDoS) attack, which means so many devices sent simultaneous requests that Dyn’s system was overwhelmed and broke down. It was the largest attack of its kind in history, but it won’t be the last. (May’s cyberattack, which spread to hundreds of thousands of users in 150 countries, used a different tack to hold computers hostage.)Turns out, IoT played an important role in the Dyn hack. In the aftermath of the hack, security experts determined that the attackers had hijacked tens of thousands of connected household devices, including surveillance cameras, routers and DVRs, directing them to connect to Dyn at the same time. Such a collection of co-opted, zombie devices is called a botnet, and the owners likely had no idea their gadgets were causing the widespread internet slowdown they complained about on Facebook.The most disturbing part of the hack was its simplicity. The attackers didn’t need coding chops or Hollywood movie-level hacker prowess. Instead, they commandeered devices just by logging in — using the default username and password provided by the manufacturer, which the owners had never bothered to change.”Remember when everybody had a VHS player in their living rooms?” asks Mikko Hypponen, a Finnish computer security expert. “It always flashed 12:00 because the time hadn’t been set. It’s expecting you to get the manual and set the time, and you never did.” So it goes with IoT devices, he says. “You go and buy your security camera, you screw it onto the wall, and it works. It is effectively now blinking 12:00. That’s the default password the Dyn attack was using.”May Wang wasn’t surprised by the attack either. A few years ago, she helped launch Zingbox, a San Francisco-based security firm that focuses on IoT devices. Zingbox hosts an in-house IoT lab where engineers and computer scientists try to break a variety of connected devices. They don’t last long. “Many of them we can hack within minutes,” she says. Health Science Science Nursing NURSING 328 Share QuestionEmailCopy link Comments (0)

Needs help with similar assignment?

We are available 24x7 to deliver the best services and assignment ready within 3-4 hours? Order a custom-written, plagiarism-free paper

Get Answer Over WhatsApp Order Paper Now