There is very little difference between cybercriminals & business over the internet. Service Hosting companies sell & protect the privacy of every user including cybercriminals. Cyber attackers are buying legitimate services like DDOS-For-Work, Infrastructure hosting services. There is a proper project management tools, development tools, techniques, services & infrastructure to carry out a cyber attack.
Here is another online service that helps anybody to discover all the IoT devices connected to the internet: Smart TV, Toaster, Refrigerator, Radio etc.
As a marketing pitch here is what they sell.
However, let’s take an example. If someone got to know that there is a smart TV, AC, Radio in your house with the default password of the router. Do you think they would leave it as it is? Nope!. They would use it to hack it or use it to attack others.
Voice assistants – the demo targeted Siri, Google Assistant, and Bixby – are designed to respond when they detect the owner’s voice after noticing a trigger phrase such as ‘Ok, Google’.
Ultimately, commands are just sound waves, which other researchers have already shown can be emulated using ultrasonic waves which humans can’t hear, providing an attacker has a line of sight on the device and the distance is short.
What SurfingAttack adds to this is the ability to send the ultrasonic commands through a solid glass or wood table on which the smartphone was sitting using a circular piezoelectric disc connected to its underside.
Although the distance was only 43cm (17 inches), hiding the disc under a surface represents a more plausible, easier-to-conceal attack method than previous techniques.
As explained in a video showcasing the method, a remote laptop generates voice commands using text-to-speech (TTS) Module to produce simulated voice commands which are then transmitted to the disc using Wi-Fi or Bluetooth.
The researchers tested the method on 17 different smartphones models from Apple, Google, Samsung, Motorola, Xiaomi, and Huawei, successfully deploying SurfingAttack against 15 of them.
An IP address uniquely identifies a device on a network. You’ve seen these addresses before; they look something like 192.168.1.34.
An IP address is always a set of four numbers like that. Each number can range from 0 to 255. So, the full IP addressing range goes from 0.0.0.0 to 255.255.255.255.
The reason each number can only reach up to 255 is that each of the numbers is really an eight digit binary number (sometimes called an octet). In an octet, the number zero would be 00000000, while the number 255 would be 11111111, the maximum number the octet can reach. That IP address we mentioned before (192.168.1.34) in binary would look like this: 11000000.10101000.00000001.00100010.
DHCP stands for dynamic host configuration protocol and is a network protocol used on IP networks where a DHCP server automatically assigns an IP address and other information to each host on the network so they can communicate efficiently with other endpoints. Read more in
Have you heard the term the Internet of Bodies (IoB)? That may conjure up a few thoughts that have nothing to do with the true nature of the term, but it’s about using the human body as the latest data platform. At first, this concept seems quite creepy, but then when you realize the possibilities it creates, it becomes quite exciting. Here we explore what the Internet of Bodies is, some examples in use today, and a few of the challenges it presents.
There are three generations of Internet of Bodies that include:
· Body external: These are wearable devices such as Apple Watches or Fitbits that can monitor our health.Today In: Innovation
· Body internal: These include pacemakers, cochlear implants, and digital pills that go inside our bodies to monitor or control various aspects of our health.
· Body embedded: The third generation of the Internet of Bodies is embedded technology where technology and the human body are melded together and have a real-time connection to a remote machine.
The United Kingdom has been very pro-active in regulating the most important cybersecurity concerns. Bruce Schneier (Cyber Guru ) often suggests that it is time for the govt’s to act & regulate on the IoT devices. In recent times, U.K govt has done phenomenal job regulating following important security concerns.
Apart from regulations, The significant part is that UK govt partner with private companies to come up with solutions. Many govt’s hesitate to take other stakeholders onboard.
Who are the audiences of Code of Practice regulation?
IoT Service Providers
Mobile Application Developers
So, What are the security Concerns on IoT devices?
Consumer privacy: Many devices are more of spy devices & keep track of every user movement, private conversation, video recording etc. Experts tell us that Privacy isn’t a right anymore in today’s world & We should get over it. However, It can still be controlled with the right tools.
Consumer security: Biggest concern is that consumer security. The more you can connected the more you are vulnerable. Unlock home, remotely hacking home video, smart TV etc are normal nowadays.
Unsecured manufacturing & Retailing: Most of the IoT devices are unsecured. And, Organizations has huge controlled on it. A consumer does not have the authority to ask for more security. If someone can unlock the door because of misconfiguration, Manufacturer & service providers are not liable.
Used these unsecured devices in large hacking (i.e DDOS): You might be familiar with distributed denial of service. These IoT devices help to achieve that.
Code of Practice regulation applies in following types of devices
Connected children’s toys and baby monitors
Connected safety-relevant products such as smoke detectors and door locks