Is Your Home (Network) Haunted? The Threats of the Ghost Vulnerability and the IoT


Recent vulnerabilities have surfaced that have opened up interesting debates and spirited discussions regarding what I see as vulnerabilities in embedded Linux systems.  Devices that are considered part of the “Internet of Things” (IoT) have embedded Linux and this can make it fairly easy for hackers to compromise home networks.   

For the IoT to work, it needs to connect to your wireless network at home.  This is how you can unlock your front door, power on your lights, engage your security system, or even change the ambient temperature in your home from virtually anywhere in the world. The IoT can help manage your household in many ways all through a few swipes on your mobile device – from unlocking your front door for a contractor or babysitter to engaging interior and exterior lights while you’re on vacation.  Unfortunately, however, hackers have the potential to override your home system – and it’s easier than you think.

Turning a blind eye towards robust password combinations for home wireless routers, there are some users who create the simplest of passwords, keep the manufacturer’s default settings or don’t create a password at all. By doing so, the homeowner is asking for trouble. Even for the less experienced hacker, a few minutes of guesswork can grant them easy access.    

Once in, a quick configuration change can allow the hacker to place an infected version of Open-WRT onto the router.   Open-WRT is a Linux distribution for embedded systems with a fully writeable file system.   After a quick reboot, the infected Open-WRT now connects to a command and control server (or a list of places) and the homeowner is none the wiser. The hacker can now start advertising that infected router as any one of the access points in the neighborhood.  

ghost-vulnerability-david-hobbs

With a few keystrokes, they can spoof the name of someone else’s access point and that owner will think they are connecting to their own network, but it is really the infected router.  This occurs when the infected Wi-Fi router beacons out “De-Authorization” packets to a computer until the user connects to the infected router. This well-known exploit can be accomplished through various off-the-shelf devices and pen testing kits.

When computers are connecting to an infected access point, a hacker can harvest the password for your Wi-Fi from your authorization request, and now the infected router can connect as a “repeater” to your Wi-Fi router and exploit it through available vulnerabilities such as “Shellshock” or “GHOST” which is a buffer overflow bug (glibc – getbyhostname). Or, they can use a password cracking tool to guess the password.

So what do hackers do with all of these infected home routers?

  • Harvest botnets for DDoS attacks
  • Infect home computers with malware, etc.
  • Take advantage of what you access on your personal laptop:  bank/financial information, shopping, medical records.

If you were to ask your immediate family members “when was the last time you patched your home router?” what do you think the answer will be? 

By 2020, industry statistics state there will be over 200 billion “things” connected to the Internet. I was shocked by this number – until I did an inventory of all the things that are connected in my own home. After counting the modem, firewall, Wi-Fi router, tablets, computers, “smart” devices like thermostats, etc. I found that I had 27 things that were connected to my network. Granted, I’ve had to patch everything multiple times this year and also run a Unified Threat Management platform at home, but who else has done this?  

There will be patches for all of the vulnerable systems out there, but how many home users update and patch their routers?

Keeping ahead of hackers is similar to a chess match. When we make a move, they counter with their own move. I believe the rise of the army of thingbots is going to grow exponentially in 2015, but by no means should this turn into a digital apocalypse. By employing best practices in network security such as intricate password combinations for your wireless router and updating and patching your routers you can keep a few steps ahead of the threat. And sometimes, that’s all you need to rid your home of ghosts.

David Hobbs

As Director of Security Solutions, David Hobbs is responsible for developing, managing, and increasing the company’s security practice in APAC. Before joining Radware, David was at one of the leading Breach Investigation Firms in the US. David has worked in the Security and Engineering arena for over 20 years and during this time has helped various government agencies and world governments in various cyber security issues across all sectors.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

CyberPedia

An Online Encyclopedia Of Cyberattack and Cybersecurity Terms

CyberPedia
What is WAF?
What is DDoS?
Bot Detection
ARP Spoofing

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center