Five Percent of the Internet Could Be Hijacked via Embedded OS Flaws

The 2012 Internet Census published earlier this year revealed that embedded devices are facing serious security threats when connected to the Internet. The issue appears bigger than expected, according to Metasploit maker HD Moore’s presentation at AusCERT2013.

Embedded devices – an umbrella term defining specialized appliances that run their own operating system such as GPS receivers, industrial equipment, TV sets, smart fridges and routers – can be hijacked easily because of vendors’ lax security implementations.

According to the results of the latest Internet Census, an attacker could easily scan the IPv4 Internet address space, look for hosts with UPnP or SNMP capabilities, and turn them into remotely controlled zombies.

“You can probably own five percent of the total Internet without even blinking,” Moore said, as quoted by The Register. His research also revealed that more than 75 million devices all over the world are vulnerable to design flaws in SNMP (Simple Network Management Protocol), such as its reliance on connectionless UDP transport.

What makes the hijacking of embedded devices particularly damaging is that a compromise can last for years before it is discovered. Since these devices are highly specialized, they never run antivirus or other kinds of intrusion detection software, so once they’re compromised, the malicious activity goes unnoticed.

About the author


Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.