Study Shows Thousands of Consumer Internet Connectivity Devices Are Vulnerable to Attack

October 26, 2009 Study Shows Thousands of Consumer Internet Connectivity Devices Are Vulnerable to Attack

Enlarge

Columbia's Intrusion Detection Systems Lab, led by professor Salvatore J. Stolfo (center)

(PhysOrg.com) -- Following news reports that 65,000 modems and wireless routers used by Time Warner Cable customers are vulnerable to attack by hackers, a Columbia University expert on computer security and privacy has found that software flaws in embedded devices like routers, webcams and Voice over Internet Protocol (VoIP) phone adapters are far more widespread than previously known.

Salvatore J. Stolfo, a computer science professor and director of the Intrusion Detection Systems Lab at Columbia’s Fu Foundation School of Engineering and Applied Science, presented “Brave New World: Pervasive Insecurity of Embedded Network Devices” at a conference in France last month.

In the paper, co-authored by graduate students Ang Cui, Yingbo Song and Pratap V. Prabhu, Stolfo recounts how he and his team scanned thousands of consumer and business devices around the world and found that a high proportion of them were unprotected. Their ongoing research began in December 2008.

“Many thousands of unsuspecting people world-wide have this problem,” says Stolfo. “Many of these devices are easy targets for just about anyone with mal-intent. One can ‘log in’ to your home router and plant software in it, much like a virus, and record your network traffic or alter it; record phone conversations, or do just about anything nasty one can imagine.”

While scanning devices in North America, Europe and Asia, Stolfo found that certain types of consumer devices publicly accessible over the Internet have vulnerability rates as high as 41.62 percent. Among VoIP phones, the vulnerability rate was one in five. He and his colleagues, through an outside group, are contacting the Internet service providers who supply connectivity to those vulnerable devices. The ISPs, in turn, will warn the customers. An additional step may involve alerting vendors of the devices.

Like PCs, embedded devices contain software. This software is used to route messages in and out of one’s home or office. Vulnerability is introduced into the device when users fail to properly configure it before plugging it in. To protect themselves, consumers need only read their instruction manual and follow the directions telling them how to go online and set up their machine so no one can break into it.

Provided by The Earth Institute at Columbia University (news : web)


print this article email this article download pdf blog this article bookmark this article     Stumble it Digg this share on Facebook retweet share on Reddit add to delicious
Rate this story - 5 /5 (1 vote)


October 26, 2009 all stories

Comments: 0

5 /5 (1 vote)
  • Stumble this up

  • Digg this

  • share this

  • hide

  • Related Stories

  • Netgear to help Internet subscribers measure use
    created Jul 20, 2009 | popularity not rated yet | comments 0
  • Talk It Up! New Motorola Gateways Make Voice-over-IP and Home Networking Easy
    created Mar 07, 2005 | popularity not rated yet | comments 0
  • Netgear Routers to Add QoS for Home Video Streaming
    created May 08, 2007 | popularity not rated yet | comments 0
  • PC Chip Will Protect Users From Hackers and Viruses
    created Sep 16, 2004 | popularity not rated yet | comments 0
  • Microsoft Partners Announce New Phones, Devices
    created May 14, 2007 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • Help with a camera choice
    created Nov 18, 2009
  • casio calculator that's similar to TI-89
    created Nov 08, 2009
  • Advice on what cell phone to get
    created Nov 08, 2009
  • Changing the language options on your phone.
    created Nov 03, 2009
  • More from Physics Forums - Computing & Technology

Other News

plug-in hybrid electric vehicle

Pulling the plug on hybrid myths

Technology / Energy

created Nov 19, 2009 | popularity 3.8 / 5 (12) | comments 16

(PhysOrg.com) -- Whether you call them myths, urban legends, fables or old wives' tales, there's a lot of misinformation out there about plug-in electric hybrid vehicles. These vehicles, abbreviated PHEVs, ...


UK police make 2 Trojan computer virus arrests

Technology / Internet

created Nov 18, 2009 | popularity 5 / 5 (1) | comments 10

(AP) -- A couple suspected of helping spread some of the Internet's most aggressive computer viruses has been arrested in the English city of Manchester, police said Wednesday.


A sign marks the entrance to IBM Corporate Headquarters

IBM makes Big Blue cloud

Technology / Software

created Nov 16, 2009 | popularity 2.9 / 5 (8) | comments 8

IBM on Monday announced it has created the world's largest business computing "cloud" capable of holding an amount of digital data on a par with 250 billion iTunes songs.


Google SPDY

Google's SPDY will speed up downloads

Technology / Internet

created Nov 16, 2009 | popularity 4.4 / 5 (15) | comments 7

(PhysOrg.com) -- As part of its effort to speed up the Web, Google is experimenting with SPDY, a new application layer protocol, that it hopes will speed up the conversation between browsers and Web servers ...


Battery Research Aims To Store Renewable Energy

Battery Research Aims To Store Renewable Energy

Technology / Energy

created Nov 19, 2009 | popularity 3.9 / 5 (11) | comments 5

The biggest chemical battery in the United States is located near Interstate 90 in the small town of Luverne, Minn. The 80 ton device -- the size of two tractor-trailers stacked on top of each other -- stores ...




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • physorg mobile
  • newsletter