- An IoT company has suffered a major data breach, experts warn
- The leak exposed a Mars Hydro database containing nearly 2.7 billion records
- The records were mainly made up of WiFi and network device information
Mars Hydro, a Chinese company that produces a range of Internet of Things (IoT) devices such as LED lights and hydroponic equipment, has suffered a massive data breach after an unprotected database containing almost 2.7 billion records was discovered online.
The security researcher, Jeremiah Fowler, identified the unprotected database, which included WiFi network names, passwords, IP addresses, device numbers, and more.
Users of these products should be aware that the details of their WiFi networks may have been compromised, and there may be implications for national security if the information falls into the wrong hands. Although the researcher does not suggest that personally identifiable information was exposed, users should still understand the risks. Here is what we know.
Vulnerable devices
Many of the products are controlled by Internet-connected devices (such as smartphones), and information about these devices was included in the breach. It is not yet clear whether the database is managed or owned directly by Mars Hydro and LG-LED Solutions, or whether it was managed by a third-party contractor.
There are concerns about the privacy and security of these devices and, as Fowler points out, a previous report estimated that 57% of IoT devices were considered very vulnerable, and that 98% of the data transmitted by these devices is not encrypted.
“The worst hypothetical case would be if this information was used for surveillance, surveillance attacks (MITM), the mapping of critical networks and infrastructure, or another potential abusive use,” said Fowler.
Although there is no evidence that threat actors have accessed the exposed data, there is concern that the information could be accessed by foreign governments and used for “surveillance or intelligence” purposes.
“I do not say or imply that these companies are engaged in one of these activities or that their users are in danger,” continued Fowler.
“I do not pretend that simply because a request was presented in China or to Chinese property, there is an imminent risk. I only emphasize the data collected and how it could be a potential security risk in the wrong hands.”
IoT devices have already been targeted, especially by botnets, which have increased 500% and are a growing problem. Known software flaws or easy-to-crack passwords provide a way into a network. Once a device is compromised, this can lead to a botnet of compromised devices, which can be used to spread malware, launch DDoS attacks or infiltrate critical systems.
Data breach complications
In this data set, the researcher describes seeing “a massive amount of SSID names exposed, passwords, MAC addresses and user IP addresses which could potentially allow unauthorized distant access to the Wi-Fi network of the device.”
This means that the exposed credentials could theoretically allow an attacker to connect to the network and compromise other devices. Nokia recently reported that IoT devices engaged in botnet-driven DDoS attacks have increased by 500% in the last 18 months and now represent 40% of all DDoS traffic.
To mitigate the risks, administrators should first make sure to change default passwords immediately. IoT device passwords are often shared across fleets of the same device, so unchanged passwords can mean that hackers already have access.
A strong and unique password is essential for any device, and we have drawn up a list of tips for creating a secure password if you need advice.
Another important consideration is to harden your software. Patch management is a crucial part of your vulnerability management program, and staying up to date offers you an additional layer of protection against zero-days.
Finally and above all, be proactive. Weak and sloppy backend safeguards are what hackers count on, so closely monitoring for suspicious behavior, segmenting networks and consolidating endpoint management with a unified console can all help keep you protected.
We have put together a guide for administrators if you want more detailed advice.




