fbpx

Don’t wait any longer. Get started today!

 
 

Directive Blogs

Directive has been serving the Oneonta area since 1993, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Crafty Hackers Find Ways to Intercept Wireless Transmissions

b2ap3_thumbnail_man_in_the_middle_400.jpgThe Internet of Things is constantly growing. Seemingly every commercially-available product now has a corresponding app or some sort of connectivity to the web. As this entity grows bigger still, you begin to see things that have very little intrinsic value coming with Internet connectivity.

One of these “things” in the news at the moment is a BB-8 droid toy built by Sphero. This toy, consisting of a typical Sphero, is a commercially available, app-controlled, robotic ball, that has been painted up like BB-8, the mischievous Droid from Star Wars Episode VII: The Force Awakens and marketed to people who want their very own droid.

How can a seemingly irrelevant toy be at risk? In a recent report, security experts were able to exploit a bug and “hack” into a BB-8 toy through its integrated wireless communication systems. This allowed them to inject code into the phone, which couples as the device’s remote. In the report, hackers were able to take full of control over the device in what is called a man-in-the-middle attack. While this particular case doesn’t reveal anything perilous, a man-in-the-middle attack can potentially be very dangerous if targeting something of substance.

Man-In-the-Middle
It’s not hard to understand what a man-in-the-middle attack is. For an analogy, you can go back to the first grade. Remember the game “telephone” that you used to play when you were a child? A man-in-the-middle hack produces similar results. Essentially, a person sends a message and the recipient receives it, but in the process of being relayed the message, someone adds or omits some crucial element of the message. Just imagine that instead of the sentence, “Jane runs through the forest,” the message that was interrupted and manipulated is a customer’s credit card number.

To completely understand the man-in-the-middle attack, you need to realize that, with the advent and use of wireless systems, more entities are at risk for this type of hack than ever before. This is why it’s important to implement safeguards to ensure that the information you send, regardless of whether you’re sending instructions for a toy from your smartphone, or an essential file from a PC to your server. You need to make sure that your commands are sent securely and get to the recipient in the way the sender had intended. Precautions such as remote monitoring and management, that include intrusion detection, and other protocols that work toward cyber security, are good solutions to combat potential network security.

Potential for Attacks Require Solutions
Wireless technology has altered a great many things. Cumbersome, wired systems that people have had to fumble with, are largely a thing of the past. Now people have to determine whether or not wireless systems are secure to use, and if they aren’t, they have to do what they can to secure them. There are literally hundreds of solutions to help users secure their devices, whether it be from a mobile device or a PC/Mac running off a wireless network. In some cases, however, an inconsequential and seemingly irrelevant piece of the puzzle (like in this case, a toy with buggy software), could potentially leave you exposed.

The certified technicians at Directive take pride in knowing what kind of solution is right for your organization. We will take into account the current state of your network and IT infrastructure, your current and projected growth, and the needs of the people that depend on the network most to find and implement the solution that allows your company to focus on their work and not the organization's computing needs. To learn more about network security and the solutions you need to keep your users out of the dark side, call us today at 607.433.2200.