61398部队
Posted on 07/19/2018 10:23:09 AM PDT by gattaca
Facebook Twitter LinkedIn Email this article A spike in attacks sought access to devices that might yield audio or visual intelligence.
Four days before U.S. and Russian leaders met in Helsinki, hackers from China launched a wave of brute-force attacks on internet-connected devices in Finland, seeking to gain control of gear that could collect audio or visual intelligence, a new report says.
Traffic aimed at remote command-and-control features for Finnish internet-connected devices begain to spike July 12, according to a July 19 report by Seattle-based cybersecurity company F5.
“Finland is not typically a top attacked country; it receives a small number of attacks on a regular basis,” the report says.
China generally originates the largest chunk of such attacks; in May, Chinese attacks accounted for 29 percent of the total. But as attacks began to spike on July 12, China’s share rose to 34 percent, the report said. Attacks jumped 2,800 percent.
F5 Labs report on IOT traffic spike in Finland surrounding July 16 U.S. Russian Presidential Summit
The China-based hackers’ primary target was SSH (or Secure Shell) Port 22 — not a physical destination but a specific set of instructions for routing a message to the right destination when the message hits the server. “SSH brute force attacks are commonly used to exploit systems and [internet of things, or IOT] devices online,” the report says. “SSH is often used by IoT devices for ‘secure’ remote administration.”
Internet-of-things devices are particularly attractive targets for state-based hackers becuase many network administrators never change the password or login credentials for IOT devices on their networks from the factory default. That leaves those devices more vulnerable to brute-force attacks, in which hackers hit the devices with lots of random password combinations or combinations informed by some knowledge of how those manufacturers set default passwords and credentials. It’s the sort of attack that’s easier for actors with lots of human and computer power to throw at the problem, but hardly exclusive to them.
Related: Spooky Action: Sorting Hype from Reality in China’s Quantum-Tech Quest Related: Which Bugs Will Hackers Exploit First? Machine Learning Promises a Better Guess Related: China, Russia, and the US Are All Building Centers for Military AI “The rise of poorly secured Internet of Things (IoT) devices has made it possible for attackers to gain access to targets of interest. Nation-states, spies, mercenaries, and others don’t need to dress up as repairmen to plant bugs in rooms anymore; they can just hack into a room that has vulnerable IoT devices,” the report says.
The attackers also heavily targeted Session Initiation Protocol, or SIP, Port 5060, used by teleconferencing software and internet-based phone apps.
China wasn’t alone in trying to gain access to Helsinki’s internet-connected devices in the lead-up to the July 16 summit. Attack traffic came from the U.S., France, and Italy as well, in that order. But the U.S. and French traffic was in keeping with averages. Russian attack traffic dropped considerably from third, its usual spot, to fifth. German attack traffic jumped.
Speaking at the Aspen Security Forum on Wednesday evening, FBI director Christopher Wray commented that “China from a counterintelligence perspective represents the broadest, most pervasive, most threatening challenge we face as a country.”
Administration and national security officials have also been sounding the alarm about the state of Chinese industrial espionage. It was a concern experts brought up before the House Committee on Intelligence on Thursday morning. Michael Pillsbury, Director of the Center on Chinese Strategy at the Hudson Institute, noted “We have made a good start toward a new strategy toward China, but we may still be underestimating the problem and China’s resistance to change.”
Elsa Kania, an adjunct fellow at the Center for a New American Security, said, “It is clear that, despite the 2015 Xi-Obama agreement, Chinese cyber espionage, including that undertaken for purposes of IP theft, has continued, as in the recent troubling compromise of a Navy contractor by hackers from the Ministry of State Security.”
Michael Brown, a former CEO of Symantec corporation and one of the co-authors of the so-called DIUx Paper for the Pentagon — a paper that outlines the national security threat posed by the transfer of technology capital to China — testified that “Chinese companies already own significant parts of the military supply chain.”
A recent report from the Office of the Counterintelligence Executive describes China as “the world’s most active and persistent perpetrator of economic espionage.”
Where do you think Amazon Echo and Alexa are made? One command and they ship with ssh enabled.
What are device not installed, and unlikely to ever be installed, in my home, Alex?
Ya except you won’t need to install them. They will come with all new TVs, and many other appliances. It will soon be impossible to stop recording devices from entering your home
61398部队
Internet-Of-Things.....What could possibly go wrong?
Red China is our number 1 enemy. Most of our “loving” politicians have sold out to them. Traitors!
That can’t possibly be true. The media says it is the Russians.
From the same media who’ve over looked (a mistake, I’m sure) Killary getting $145 million from the Russians, Bill getting 500k for a speech to the Russians, Clinton operatives paying for fake dossiers from Russians...etc. The MSM are traitors to the Republic.
Most people don’t care about China as long as they keep shipping cheap junk to Wal Mart.
I’ve got a google home.
She’s not nearly as cold as my ex-wife or my ex-girlfriend.
But she’s not hot at all either.
They will care when they deliver ICBMs to their front steps. They’ve already announced they’re at war with us.
https://global-news-network.org/breaking-chinas-military-says-they-are-already-at-war-with-us/
Actually, the China made products at Walmart are of good quality.
If you say so. I never go there so I have no experience. Butt, when you go there can you smell the Trump supporters????
I hope I’m not in the hospital, when they attack these devices.
Every IOT device has been targeted. Security cameras are popular targets. You can even find a web site that lists unprotected cameras! I’m sure door locks are popular, too.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.