Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comTop Cybersecurity Threats Unveiled by Hackers – Is Anyone Safe?
Author: Scarinci Hollenbeck, LLC|August 25, 2015
The world’s top security experts, hackers, and researchers gathered recently in Las Vegas for the Black Hat and DEF CON conferences to discuss the top cybersecurity threats on the globe.
Top Cybersecurity Threats Unveiled by Hackers – Is Anyone Safe?
The world’s top security experts, hackers, and researchers gathered recently in Las Vegas for the Black Hat and DEF CON conferences to discuss the top cybersecurity threats on the globe.
The events confirmed that no industry is safe from the top cybersecurity threats, with hackers exposing vulnerabilities in everything from cell phones to drones to rifles.
The ability to remotely control a Jeep Grand Cherokee via its UConnect entertainment system was arguably the most publicized hack to come out of the Black Hat conference. The security vulnerability subsequently prompted the recall of approximately 1.4 million Chrysler-Fiat vehicles in the United States.
Although they did not receive the same media attention, presenters at Black Hat and DEF CON revealed several other equally concerning cybersecurity threats. Below are just a few:
- Intel CPUs: Older Intel chips that predate second-generation Core processor family (known as Sandy Bridge) have a security flaw that allows hackers to install a rootkit into the System Management Mode (SMM). The vulnerability is significant because antivirus is unable to detect the malware and hackers can still access the machines even after a complete wipe.
- Android Devices: Security experts revealed a security flaw that impacts millions of Android devices. According to security experts, attackers could gain access to the devices via a simple MMS message or multimedia file. To address the issue, Android will embark on the “single largest unified software update in the world.”
- Smart Safes: Retailers and other businesses often rely on high-tech safes that have built-in computers. In many cases, the touch screen interface requires two users to provide authentication credentials in order to safe. Hackers showed how they could access the computer to create new users and then use a USB thumb drive port to enter their phony credentials.
- OnStar Vehicle Technology: Chrysler is not the only automaker with cybersecurity concerns. Hackers revealed that they were able to “locate, unlock and remote start any vehicle with OnStar RemoteLink after intercepting communication between the RemoteLink mobile app and OnStar servers.”
- Internal LTE/3G Modems: Laptops and tablets increasingly come equipped with internal modems that allow users to work remotely via a mobile data connection. Hackers used a flaw in the firmware update process to install malware that persists even if the operating system is wiped or reinstalled.
For businesses hoping to avoid the embarrassment of being the subject of a future Black Hat or DEF CON hacking presentation, the conference highlighted the importance of addressing cybersecurity at the outset of product development and testing. In some cases, identifying potential vulnerabilities may require putting a hacker on payroll.
Key Contacts
Let`s get in touch!
Top Cybersecurity Threats Unveiled by Hackers – Is Anyone Safe?
Author: Scarinci Hollenbeck, LLC
The events confirmed that no industry is safe from the top cybersecurity threats, with hackers exposing vulnerabilities in everything from cell phones to drones to rifles.
The ability to remotely control a Jeep Grand Cherokee via its UConnect entertainment system was arguably the most publicized hack to come out of the Black Hat conference. The security vulnerability subsequently prompted the recall of approximately 1.4 million Chrysler-Fiat vehicles in the United States.
Although they did not receive the same media attention, presenters at Black Hat and DEF CON revealed several other equally concerning cybersecurity threats. Below are just a few:
- Intel CPUs: Older Intel chips that predate second-generation Core processor family (known as Sandy Bridge) have a security flaw that allows hackers to install a rootkit into the System Management Mode (SMM). The vulnerability is significant because antivirus is unable to detect the malware and hackers can still access the machines even after a complete wipe.
- Android Devices: Security experts revealed a security flaw that impacts millions of Android devices. According to security experts, attackers could gain access to the devices via a simple MMS message or multimedia file. To address the issue, Android will embark on the “single largest unified software update in the world.”
- Smart Safes: Retailers and other businesses often rely on high-tech safes that have built-in computers. In many cases, the touch screen interface requires two users to provide authentication credentials in order to safe. Hackers showed how they could access the computer to create new users and then use a USB thumb drive port to enter their phony credentials.
- OnStar Vehicle Technology: Chrysler is not the only automaker with cybersecurity concerns. Hackers revealed that they were able to “locate, unlock and remote start any vehicle with OnStar RemoteLink after intercepting communication between the RemoteLink mobile app and OnStar servers.”
- Internal LTE/3G Modems: Laptops and tablets increasingly come equipped with internal modems that allow users to work remotely via a mobile data connection. Hackers used a flaw in the firmware update process to install malware that persists even if the operating system is wiped or reinstalled.
For businesses hoping to avoid the embarrassment of being the subject of a future Black Hat or DEF CON hacking presentation, the conference highlighted the importance of addressing cybersecurity at the outset of product development and testing. In some cases, identifying potential vulnerabilities may require putting a hacker on payroll.
