Warning: Your device might be at risk of cyberattack new online security flaws that were exposed to public. A recent article in PC and Internet security company Rapid7 found that nearly 40 to 50 million devices compatible network could be open to hacker attacks, because of a flaw in the Universal Plug and Play (UPnP) protocol .
The protocol allows devices such as printers, routers and fancy smart-TVs to be easily identifiable on a network, enabling rapid configuration and share information more quickly. The device is offered in about 7000 different types of gadgets - worrying as 50 million gadgets were sensitive to at least one of the three online security vulnerabilities described in the document of Rapid7. Two of the most commonly used UPnP software libraries were both able to be operated remotely.
The study identified more than 0 merchants that manufacture products with defects, including big hitters such as Belkin, Netgear, Motorola and Fujitsu. These companies have since been contacted about the problem but since most new devices are often shipped with UPnP enabled by default, many people may be unaware that their devices are at risk. Similarly, when updates are released, users may not be aware of the relevance of their security devices and might not apply. (Pro tip: always keep on top of your updates)
The advice for those who are concerned that they may be affected by the security vulnerabilities is to download the free scanning tool Rapid7 which was created to help identify if you are at risk of attack. If the vulnerability analysis highlights in your network, then it is advised to turn off your UPnP and keep an eye out for future updates that may resolve the problem. Older models that are no longer being shipped may not even be updated at all, which effectively means that you must either disable UPnP or simply splash out on a new appliance.
With vulnerabilities now well known, they are likely to be immediately exploited by hackers. While the actions of irresponsible Rapid7 may appear at face value, in the end, they could well be a good thing. Manufacturers and equipment specialists will now be forced to pay more attention to security and Internet security, and faster corrections!
0 Komentar