From the editor’s desk: Presenting … how you were hacked

May 2019 News

“It’s all fun and games until you hit the wall.” Someone said that to me once (an American, so I don’t know if that’s a common saying in the US). At the time I thought he watched too much reality TV.

These days, however, I think I have a better understanding of what the phrase means. At the time he was working for SCO, a company that made an awesome version of Unix back in the day. After some business dealings, the company decided its business model wouldn’t be based on software that was popular in many small- to medium-sized businesses, and that was loved by almost everyone who came into contact with it (I may be a little biased here, but meeting the CEO and other execs in Santa Cruz was an experience; I have never seen people so passionate about what they did, not even professional marketers who are paid to be excited). But the new bosses decided they would make a fortune by suing people using open source software.

Needless to say the company was under the influence of another company with good reason to badmouth Linux, but that’s another story. Needless to say, their route down was fairly straight with no time for somersaults or any taking in of the scenery.

Not that SCO has anything to do with this editorial. However, I think it may be time to accept that the wall has been hit and to take a step back and re-evaluate. Remember back in 2016 when Mirai became famous? In case not, “In 2016, Mirai showed the massive destructive potential of DDoS attacks as a result of insecure consumer IoT (Internet of Things) devices. Mirai’s attacks exploited only a small number of devices and vulnerabilities and used basic password guessing techniques” (www.securitysa.com/56500n). It’s back and more advanced than ever, see www.securitysa.com/*mirai1 (redirects to https://arstechnica.com/information-technology/2019/03/mirai-botnet-aims-to-wrap-its-tentacles-around-a-new-crop-of-iot-devices/).

While the old version was known for targeting “routers, network storage devices, NVRs, and IP cameras”, the new variant of Mirai adds 11 new exploits, including “WePresent WiPG-1000 Wireless Presentation systems, and in LG Supersign TVs … as well as new credentials to use in brute force against devices.” You can read more at www.securitysa.com/*mirai2 (redirects to https://unit42.paloaltonetworks.com/new-mirai-variant-targets-enterprise-wireless-presentation-display-systems/).

So now your projector and your TV can be weaponised against you. It really is time we forget about physical and logical security, IoT security and anything else security and focus on security. If it’s electronic, it’s a risk. That should be simple enough.

Remember Stuxnet (https://en.wikipedia.org/wiki/Stuxnet) malware was installed in a highly secure environment that was ‘air-gapped’ – another stupid word that means it had no electronic connection to the outside world. How hard could it be to get into your network, home Wi-Fi or campus?

Andrew Seldon

Editor


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

TAPA 2019 conference: A layered approach to cargo security
May 2019, Technews Publishing , Calendar of Events
26 July 2019 Emperors Palace, Gauteng TAPA members: no charge (maximum of three delegates per member company), Non-TAPA members: R1780 excl VAT. The South African chapter of the Transported Asset Protection ...

Read more...
iLegal 2019
May 2019, Technews Publishing , Calendar of Events
iLegal 2019    Johannesburg, South Africa    12 September 2019 iLegal, hosted by Dr Craig Donald and Hi-Tech Security Solutions, returns in 2019 with another full-day event covering insights and advice into ...

Read more...
Securex Preview 2019
Securex Preview 2019, Technews Publishing , Conferences & Events
Securex is upon us once again and Hi-Tech Security Solutions is here with another brief preview of what the show has to offer.

Read more...
Platforms and community lead the future
May 2019, Milestone Systems , Editor's Choice, CCTV, Surveillance & Remote Monitoring, News, Integrated Solutions
Milestone Systems took a look into the future of open platforms and the power of community at MIPS EMEA in Copenhagen in March this year.

Read more...
30 years of business continuity
May 2019, ContinuitySA, Technews Publishing , Editor's Choice, Security Services & Risk Management
ContinuitySA is celebrating its 30th anniversary this year and Hi-Tech Security Solutions spoke to CEO Michael Davies about the changes he has seen in the business continuity and disaster recovery markets.

Read more...
iLegal 2019: Augmented surveillance - realising the full potential of CCTV
May 2019, Technews Publishing , Editor's Choice, News, Conferences & Events, Training & Education
iLegal 2019 will look at what is becoming known as Augmented Surveillance – using technologies and people interactively to maximise results from operators and control rooms in order to make intelligent security and business decisions.

Read more...
Local manufacturing from Hissco International
May 2019, Hissco , Editor's Choice, Asset Management, EAS, RFID, News
Hissco International recently announced it has set up a local manufacturing partnership that will supply X-ray equipment to partners around the world.

Read more...
Face to face with Suprema FaceLite
May 2019, Suprema , Editor's Choice, Access Control & Identity Management, News, Products
Suprema has announced the launch of FaceLite, the new generation compact face recognition terminal designed for enterprise access control as well as time and attendance applications.

Read more...
ASSA ABLOY showcases latest digital access solutions
May 2019, ASSA ABLOY South Africa , Editor's Choice, Access Control & Identity Management, News
ASSA ABLOY hosted a breakfast at the Country Club Johannesburg in Woodmead on 2 April, to showcase the company’s latest and greatest digital access solutions.

Read more...
Fidelity Fire Solutions receives BSI accreditation
May 2019, Fidelity Security Group , Editor's Choice, Fire & Safety, News
Fidelity Fire Solutions is one of the first fire solutions providers in South Africa to be awarded the British Standards Institution (BSI) certification for portable fire products.

Read more...