Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Onsite Support
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT

Rise of the Machines – Round 2

  • 0
Christopher Woo
Tuesday, 29 November 2016 / Published in Woo on Tech

One month ago we wrote about a wave of attacks powered by compromised security appliances – mostly Asian-manufactured network video recorders – that disabled popular internet services for several days in late October. Despite the growing awareness of the problem due to this incident, this infected segment of the Internet of Things (IoT) is still active and wreaking havoc on a new front. Security researchers are reporting active attacks on routers used primarily by ISP’s Deutsche Telekom (Germany) and Eircom (Ireland) to service their internet customers. The attacks, powered by a new variant of the Mirai malware that was behind the previous IoT attacks in October, exploit a recently discovered weakness in Zyxel and Speedport routers, and a remote management protocol known as TR-069 which ISP’s traditionally use to manage equipment distributed to their customers. According to Deutsche Telekom, nearly one million of their customers may be affected by this exploit, and security researchers have cause to believe that over 40 million devices on the internet may be vulnerable to exploits of TR-069.

What this means for you:

Data is still being gathered on how widespread this problem may be, so it’s not immediately clear if anyone here in the States is directly impacted by this particular exploit. I can guarantee that if we aren’t affected by this one, there are probably several others we haven’t yet discovered. One of the great conundrums tech service providers (like C2) face is that we must rely on the internet to provide support to our clients, and in doing so have to make devices like routers “visible” on the internet, which in turn opens them to attack. As is typically the advice in the face of unknown threats, preparation is your best defense: change default passwords to strong, unique ones. Shield critical devices from the internet where possible through isolation, control and firewalls, and most importantly, understand and document what devices in your organization have contact with the internet so that when an attack does surface, we can quickly root out the source and hopefully prevent further damage. We are to the point now that a malware infection is a certainty in almost any environment, and the difference comes from how well prepared you are to recover from it.

Deustche TelekimEircominternet of thingsIoTmiraisecuritySpeedportTR-069Zyxel

Recent Posts

  • SolarWinds blames intern for weak password scandal

    Despite their best efforts, SolarWinds isn&#821...
  • Apple-logo.png

    New Malware hits 30k Macs

    Not even three months into Apple’s releas...
  • Biohazard warning

    Poor IT practices led to Florida utility hack

    Last week the sleepy Florida town of Oldsmar ma...
  • Facebook – Too little, too late?

    When working with people who are actively attem...
  • Things you should know as a WFH Pro

    While the past year has been no picnic for anyo...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP