Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT

Rise of the Machines – Round 2

  • 0
Christopher Woo
Tuesday, 29 November 2016 / Published in Woo on Tech

One month ago we wrote about a wave of attacks powered by compromised security appliances – mostly Asian-manufactured network video recorders – that disabled popular internet services for several days in late October. Despite the growing awareness of the problem due to this incident, this infected segment of the Internet of Things (IoT) is still active and wreaking havoc on a new front. Security researchers are reporting active attacks on routers used primarily by ISP’s Deutsche Telekom (Germany) and Eircom (Ireland) to service their internet customers. The attacks, powered by a new variant of the Mirai malware that was behind the previous IoT attacks in October, exploit a recently discovered weakness in Zyxel and Speedport routers, and a remote management protocol known as TR-069 which ISP’s traditionally use to manage equipment distributed to their customers. According to Deutsche Telekom, nearly one million of their customers may be affected by this exploit, and security researchers have cause to believe that over 40 million devices on the internet may be vulnerable to exploits of TR-069.

What this means for you:

Data is still being gathered on how widespread this problem may be, so it’s not immediately clear if anyone here in the States is directly impacted by this particular exploit. I can guarantee that if we aren’t affected by this one, there are probably several others we haven’t yet discovered. One of the great conundrums tech service providers (like C2) face is that we must rely on the internet to provide support to our clients, and in doing so have to make devices like routers “visible” on the internet, which in turn opens them to attack. As is typically the advice in the face of unknown threats, preparation is your best defense: change default passwords to strong, unique ones. Shield critical devices from the internet where possible through isolation, control and firewalls, and most importantly, understand and document what devices in your organization have contact with the internet so that when an attack does surface, we can quickly root out the source and hopefully prevent further damage. We are to the point now that a malware infection is a certainty in almost any environment, and the difference comes from how well prepared you are to recover from it.

Deustche TelekimEircominternet of thingsIoTmiraisecuritySpeedportTR-069Zyxel

Recent Posts

  • ID-10067190.jpg

    Don’t expect Facebook to honor your privacy

    As someone who is beyond jaded by social media ...
  • Working from Home is great. Or is it?

    Social media is literally ablaze with heated di...
  • Should you flag a number as “spam”?

    It happens to all of us. You are elbow deep in ...
  • Honda Hacked

    Honda key fobs vulnerable to hack

    If you are a long-time reader of this blog, you...
  • Gmail security change creates unintentional headaches for businesses

    You may not realize it, but your organization i...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP