Google Home Hub Security Hole

Highlighting the need for thinking through security as you automate your home, TechCrunch has found a huge hole in the Google Home Hub. Not only can it be queried for information and updated by rogue devices on your network, it can also be ‘bricked’ (made completely unresponsive even after power cycles).

This certainly isn’t unique to this device. It just highlights the need for more security as you automate your home, regardless of the size or brand of the company producing the device.

Newsletter – October 23, 2018

Hi – 

Thank you for subscribing to the A Cloud of My Own newsletter. We appreciate your interest in security and securing your home and business.

  • https://www.acloudofmyown.com/2018/10/22/new-d-link-security-flaws-wont-be-fixed/
  • If you have one of these D-Link models, you should be aware of the issue. The D-Link models affected are the DWR-116, DWR-140L, DWR-512, DWR-640L, DWR-712, DWR-912, DWR-921, and DWR-111, six of which date from 2013, with the DIR-640L first appearing in 2012 and the DWR-111 in 2014.
  • https://www.acloudofmyown.com/2018/10/22/what-is-a-bot-herder/
  • We have all heard of Bot Nets (and we will go into more detail in a future newsletter). Bot Herders are powerful programs which handle/manage and control large numbers of compromised devices. Who knows – your devices could already be under the control of a bot herder. A Cloud of My Own identifies the patterns of Bot Herder communications and takes action to bring your devices back under your control.
  • https://www.acloudofmyown.com/2018/10/22/zeek-a-powerful-security-tool/
  • Zeek is an extremely powerful IDS / network monitoring tool, created and enhanced over 15 years to provide powerful network security. These tools – formerly called the Bro IDS – are used by universities and corporations that have access to very smart, deeply technical people. A Cloud of My Own leverages the power of Zeek, but makes its functionality easy for the user to understand in non-technical terms. We do the work, you are protected and everyone benefits.

Thanks for subscribing to our newsletter.  Please forward a copy along to folk who you think might be interested.   

Security is our passion.

New D-Link Security Flaws – Won’t be fixed

This remains a major issue in the IoT world. Once devices become EOL (End of Life), security issues are no longer patched. It is important to know if the devices at your home or business have moved to End of Life…

A Cloud of My Own devices are updated via the Resin.io security software delivery system. This allows us to provide updates to customers’ IoT devices without your having to figure out how to download and apply enhancements.

Zeek – A Powerful Security Tool

A Cloud of My Own includes the incredibly powerful IDS tool Zeek. Zeek (formerly called Bro-IDS) was built by two of the premier educational institutes involved in high-end computing: the International Computer Science Institute in Berkeley, CA; and the National Center for Supercomputing Applications in Urbana-Champaign, IL.

It was built in the real world, and has been improved continuously over 15 years of real-world experience in protecting real networks.

“While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Zeek’s user community includes major universities, research labs, supercomputing centers, and open-science communities.

Zeek has originally been developed by Vern Paxson, who continues to lead the project now jointly with a core team of researchers and developers at the International Computer Science Institute in Berkeley, CA; and the National Center for Supercomputing Applications in Urbana-Champaign, IL.”

Read more about Zeek here http://www.zeek.org

What is a Bot Herder

In the post, we discussed that it is most likely not a person hacking you directly, but waves of automated hacking scripts. If you aren’t actively mitigating the attacks, the devices connected to the network in your home could soon be controlled by, and doing work for, a ‘Bot Herder’.

Your devices now can be turned either on you, or on someone else without your knowledge.

What is an Intrusion Detection System (IDS) ?

Many people mistakenly assume that when they purchase (or rent) a firewall / router for their home, someone is protecting them from attacks. Although this is true at the most basic level, it is the equivalent of putting doors and windows on your home or office.

Yes, the most basic attempts to get into your network may be stopped. However, anything beyond that is a wide open risk. A basic firewall / router may not even lock the basic doors to protect you. Most of these devices have external controls available. These can be used to control the device from outside of your home, in fact from anywhere in the world. Even worse, many have known default usernames and passwords that control all of their powerful functions.

It is the equivalent of leaving your key in the front door, or a sticker with your access code right on the combination lock.

Once through the front door, the protection delivered by a firewall / router is no longer in play. User traffic (in person or, most likely, automated hacking) will begin to traverse your home, looking for devices to connect to and exploit.

Your computers are most likely protected via anti-virus / malware protection, but any home automation devices (games, personal assistants such as Alexa, Echo, etc.) are vulnerable.

An IDS monitors all traffic inside a network, looking for abnormalities. Then, if it is a Reactive IDS, or has SIEM functionality, it can take action to protect you and your devices.
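To make "looking for abnormalities" concrete, here is an added example (not code from A Cloud of My Own or the Zeek project) that reads connection records in the tab-separated layout of Zeek's conn.log and flags a device on the home network that makes failed connection attempts to many other local devices. The sample log is constructed and trimmed to the fields used, and the `min_targets` threshold and function names are assumptions chosen for illustration.

```python
import ipaddress
from collections import defaultdict

FIELDS = ["ts", "uid", "id.orig_h", "id.orig_p", "id.resp_h", "id.resp_p",
          "proto", "conn_state"]
FAILED_STATES = {"S0", "REJ"}  # Zeek conn_state: no reply / rejected


def _row(ts, uid, src, sport, dst, dport, state):
    return "\t".join([ts, uid, src, str(sport), dst, str(dport), "tcp", state])


# Constructed sample (not real traffic): a camera at 192.168.1.50 gets no
# reply from eight LAN hosts, while a laptop at 192.168.1.20 behaves normally.
SAMPLE_LOG = "\n".join(
    ["#fields\t" + "\t".join(FIELDS)]
    + [_row(f"1540300000.{i}", f"C{i}", "192.168.1.50", 40000 + i,
            f"192.168.1.{i}", 23, "S0") for i in range(1, 9)]
    + [_row("1540300100.0", "Cweb1", "192.168.1.20", 51000,
            "93.184.216.34", 443, "SF"),
       _row("1540300101.0", "Cprn1", "192.168.1.20", 51001,
            "192.168.1.30", 631, "SF")]
)


def parse_conn_log(text):
    """Yield one dict per record, using the log's own #fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split("\t")))


def find_internal_probers(text, min_targets=5):
    """Return {source: [targets]} for LAN hosts with failed attempts to
    at least min_targets distinct LAN hosts (threshold is an assumption)."""
    targets = defaultdict(set)
    for rec in parse_conn_log(text):
        src = ipaddress.ip_address(rec["id.orig_h"])
        dst = ipaddress.ip_address(rec["id.resp_h"])
        if src.is_private and dst.is_private and rec["conn_state"] in FAILED_STATES:
            targets[rec["id.orig_h"]].add(rec["id.resp_h"])
    return {s: sorted(d) for s, d in targets.items() if len(d) >= min_targets}


if __name__ == "__main__":
    for host, hit in find_internal_probers(SAMPLE_LOG).items():
        print(f"ALERT {host} probed {len(hit)} LAN hosts: {', '.join(hit)}")
```

A reactive IDS would feed an alert like this into an action such as isolating the flagged device; this sketch stops at detection.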

Learn more about SIEM functionality next…

Here is a quick reference for you – https://en.wikipedia.org/wiki/Intrusion_detection_system

Why would anyone hack my network?

One of the biggest challenges we have as Computer Security Professionals is helping folks who don’t live and breathe the dangers online every day understand the risks to their privacy and security that they are under each minute of each day.

The idea that ‘no one’ would waste time hacking me is a common fallacy. It is not a single person, sitting somewhere in the world, who suddenly decides that your home or small / mid-sized business is a great target. This may happen, but the odds are low.

The basic tools for exploiting the gaping holes in home networks are freely available and simple to use with little technical background. These are simple to ‘unleash’, as they are almost completely automated. Think of every potential access point (window or door) of your home or business being continuously tested by automated scripts. These challenges wash up against your firewall, through your browsers, and attempt to gain entry into any devices that connect to the internet. These could be cameras, personal assistants (Alexa, Echo, Google Mini, Samsung, etc.), appliances, lights, heating/cooling systems, etc.

Once these automated scripts find a way to attach (and eventually they will), they will notify other scripts and servers that they are ‘in’ and available. This is the point that the real trouble starts…