Posted on July 23, 2018 at 1:38 PM
DNS Rebinding Attacks Target Smart Devices
Cyber-security firm Armis has discovered a flaw in the Domain Name Services protocols for millions of smart devices. These devices are vulnerable to an exploit known as DNS rebinding, which can allow hackers access to your information.
Dangers of DNS Rebinding
Attacks that target the DNS can cause devices on a private network to connect to a public IP address and uses that new address to access information that would otherwise be unavailable. Any device that connects to a public network or address runs the risk of connecting to a malicious server.
Such addresses can be presented as anything from spam to embedded links hidden in adds. Once clicked, the link connects to attacker’s DNS server and gives the attacker a means by which to gain control of and access information on the vulnerable device.
The breached device becomes an access point for the attacker to target more devices on the network, thereby repeating the process and creating more vulnerable points by which to comprise and steal information.
Who is at Risk?
Any internet-enabled smart device is vulnerable to these types of attacks, including smart home devices such as Google Home or streaming devices such as Roku TV. Armis estimates half a million devices are susceptible, in part due to the sheer interconnectedness of smart devices.
Any internet connected device that has “smart” capabilities is at risk, even devices such as wireless printers. Many devices used by businesses are at a high risk of being targeted by these attacks, which can lead to breaches of valuable information as well as monetary losses.
Personal devices are also at risk of being targeted, however enterprise networks are most at risk because of the scope of the networks and the data available for attackers to potentially access.
What can we do?
Unfortunately, the cost and time investment required to patch errors across all vulnerable devices makes it unlikely that these vulnerabilities will be fixed by vendors.
The number and variety of devices that would need patching across generations of technology would be too great for vendors to consider an effective measure. However, through monitoring of networks and implementation of cyber-security services, you can reduce your vulnerability and negate potential DNS attacks.
Vigilance is key, and the best way to protect yourself and your business is by catching breaches in the early stages. Businesses should focus on careful monitoring and high-quality internet security to allow devices to operate safely on both internal and external networks. Individuals interested in safety can invest in similar types of monitoring and security, as well as using proxy servers to make their devices more difficult to target.
