Internet of Things is a term we are all hearing – but very few people know what it means, or know what the dangerous impacts it brings with it regarding security.
Something major happened in 2017. Internet of Things (IoT) devices were exploited by cybercriminals and turned into a rogue and malevolent army. A series of distributed denial of service (DDoS) attacks affected websites connected to the cloud-based internet performance management company Dyn, including Amazon, Twitter, Reddit, Spotify and PayPal. It’s was possibly a watershed moment.
Here are 10 things you need to know about IoT.
1. Wait, what’s IoT?
Definitions vary, but the ‘Internet of Things’ refers to ‘smart devices’ like refrigerators that will tell us when we’re out of milk. But also, many smaller less outlandishly smart objects, such thermostats, coffee machines and cars. These gadgets are embedded with electronics, software, sensors and network connectivity so that they can connect to the internet.
2. So, what’s the problem?
Anything that connects to the internet, even if it doesn’t contain your medical records, poses a risk. The October 2017 attacks were made possible by the large number of unsecured internet-connected digital devices, such as home routers and surveillance cameras.
The attackers infected thousands of them with malicious code to form a botnet. Now, this is not a sophisticated means of attack, but there is strength in numbers. They can be used to swamp targeted servers, especially if they march in all at once.
3. How did the attacks actually happen?
Remember that bit in the instruction manual where it told you to change the default password? Well, if you didn’t, then chances are your IoT device could spring to life as a cyber zombie. The DDoS-attackers know the default passwords for many IoT devices and used them to get in. It’s a bit like leaving your house keys under a flowerpot for anyone to find.
Anyone putting an IoT router, camera, TV or even refrigerator online without first changing the default password is enabling attacks of this type. ESET research suggests at least 15% of home routers are unsecured – that’s an estimated 105 million potentially rogue routers.
4. Wait, do I need IoT devices?
Some people dismiss IoT devices as gimmicky; others believe that in a few years we’ll all have smart cupboards that tell us what we can have for dinner. But there are numerous discernible benefits, such as the sensors in smartphones and smartwatches that provide real information about our health. Or the “blackbox” telematics in cars which can prove how safe or unsafe our driving is and thus help with insurance claims.
5. So, this is a new problem?
Nope. The possibility for exploitation of this kind has been common knowledge since, well, the dawn of IoTs. But, we didn’t realize quite how vulnerable we were until last year’s attack. Malicious code infecting routers is nothing new, as this ESET research clearly demonstrates.
The advice to change the default passwords on these devices is not new and has been reiterated many times. Yet you can lead a horse to water, but there’s no making them drink. Years ago WeLiveSecurity reported on the existence of 73,000 security cameras with default passwords.
6. How far does it go back?
The IoT actually goes way back as far as the 1980s. But in a slightly Back to the Future iteration. Researchers at Carnegie Mellon University first came up with an internet-connected Coke vending machine in 1982.
7. Surely, internet giants have the power to stop this?
Sure, they do. But that doesn’t mean some of them haven’t left gaping holes available for malicious exploitation. At the Black Hat security conference last year, security research students from University of Central Florida demonstrated how they could compromise Google’s Nest thermostat within 15 seconds.
Daniel Buentello, one of the team members, was quoted as saying in 2014: “This is a computer that the user can’t put an antivirus on. Worse yet, there’s a secret backdoor that a bad person could use and stay there forever. It’s a literal fly on the wall.”
8. What can I personally do to stop this?
Look at IoT devices like any other computer. Immediately change the default password and check regularly for security patches, and always use the HTTPS interface when possible. When you’re not using the device, turn it off. If the device has other connection protocols that are not in use, disable them.
These things might sound simple, but you’d be alarmed by how easy it is to opt for convenience over good sense. Only half of respondents to this ESET survey indicated that they’d changed their router passwords.
9. What can companies do to stop this?
You might think, ‘What’s the point? If an attacker can breach Amazon, then what hope does my firm have?’ Well, don’t give up hope. Organizations can defend against DDoS attacks in a range of ways including boosting the infrastructure of their networks and ensuring complete visibility of the traffic entering or exiting their networks. This can help detect DDoS attacks, while ensuring they’ve sufficient DDoS mitigation capacity and capabilities. Finally, have in place a DDoS defense plan, which is kept updated and is rehearsed on a regular basis.
Think of it like a fire drill for your network. Also, watch out for Telnet servers. These are the dinosaurs of the digital universe and as such should be extinct, because they’re so easily exploited. Never connect one to a public-facing device.
10. But … and this is a big but …
The tech might have been around for a while but these kinds of attacks are brand new. As such there are no agreed best practice protection methods for stopping an IoT from turning against you.
At least, not ones that the experts can agree on. Some believe you should apply a firewall in your home or business and to regulate control of them to authorized users. However, another method would be to apply a certification approach: allowing only users with the right security certificate to control the devices and automatically barring any unauthorized profiles. If in doubt, unplug it.
Acer gaming beast escapes
Acer this week unveiled two notebooks that take portable gaming to new extremes.
Acer unveiled two new Predator Helios gaming notebooks this week at the next@acer global press conference in New York. They include the powerful Predator Helios 500, featuring up to 8th Gen Intel Core i9+ processors, and the Predator Helios 300 Special Edition that includes upgraded specs from its predecessor and a distinctive white chassis. Both feature VR-Ready performance, advanced thermal technologies, and blazing-fast connectivity.
“We’ve expanded our Predator Helios gaming notebook line in response to popular demand from gamers seeking extreme performance on the go,” said Jerry Kao, President of IT Products Business, Acer. “The Predator Helios 500 and Helios 300 gaming notebooks feature Acer’s proprietary thermal technologies and powerful components that, coupled with our award-winning software, deliver unparalleled gaming experiences.”
“The 8th Gen Intel Core i9+ processor for gaming and creation laptops is the highest performance Intel has ever delivered for this class of devices; purpose built for enthusiasts who demand premium gaming experiences whether at home or on the go,” said Steve Long, Vice President and General Manager, Client Computing Group Sales and Marketing, Intel. “Intel and Acer’s long relationship has produced amazing products over the years, and the new Acer Predator Helios gaming notebooks are powerful examples of what’s possible with this unprecedented level of performance.”
Predator Helios 500 is a gaming beast featuring overclocking, 4K 144 Hz panels
Designed for extreme gamers, the Predator Helios 500 is a gaming beast. It features up to overclockable 8th Gen Intel Core i9+ processors and overclockable GeForce GTX 1070 graphics. Intel Optane memory increases responsiveness and load times, while ultra-fast NVMePCIe SSDs, Killer DoubleShot Pro networking, and up to 64GB of memory keep the action going, making the Helios 500 the ideal gaming notebook for graphic-intensive AAA titles and live streaming.
Top-notch visuals are delivered on bright, vibrant 4K UHD or FHD IPS 17.3-inch displays with 144Hz refresh rates for blur- and tear-free gameplay. NVIDIA G-SYNC technology is supported on both the built-in display and external monitors, allowing for buttery-smooth imagery without tearing or stuttering. For those looking for maximum gaming immersion, dual Thunderbolt 3 ports, and display and HDMI 2.0 ports support up to three external monitors. Two speakers, a subwoofer, and Acer TrueHarmony and Waves MAXXAudio technology deliver incredible sound and hyper-realistic 3D audio using Waves Nx.
The Helios 500 stays cool with two of Acer’s proprietary AeroBlade 3D metal fans, and five heat pipes that distribute cool air to the machine’s key components while simultaneously releasing hot air. Fan speed can be controlled and customized through the PredatorSense app.
A backlit RGB keyboard offers four lighting zones with support for up to 16.8 million colors. Anti-ghosting technology provides the ultimate control for executing complex commands and combos, which can be set up via five dedicated programmable keys.
Acer’s PredatorSense app can be used to control and monitor the notebook’s vitals from one central interface, including overclocking, lighting, hotkeys, temperature, and fan control.
Predator Helios 300 Special Edition brings a sophisticated design twist to gaming notebooks
Acer’s budget-friendly Helios 300 gaming line sees the addition of a Special Edition model featuring an all-white aluminum chassis accented with gold trim, an unusually chic design for gaming notebooks.
The Helios 300 Special Edition (PH315-51) allows for ultra-smooth gameplay via its 15.6-inch FHD IPS display with an upgraded 144Hz refresh rate. The rapid refresh rate shortens frame rendering time and lowers input lag to give gamers an excellent in-game experience. It’s powered by up to an 8th Gen Intel Core i7+ processor, overclockable GeForce GTX 1060 graphics, up to a 512 GB PCIe Gen 3 NVMe solid state drive, and up to a 2 TB hard disk drive.
The Helios 300 Special Edition also comes equipped with up to 16 GB of DDR4 memory, and is upgradable to 32GB. Intel Optane memory speeds up load times of games and applications, access to information and improves overall system responsiveness. In addition, Gigabit Ethernet provides fast wired connections, while Gigabit Wi-Fi is provided by the latest Intel Wireless-AC 9560 that delivers up to 1.73Gbps throughput when using 160 MHz channels (2×2 802.11ac, dual-band 2.4GHz and 5GHz).
The Helios 300 Special Edition also includes two of Acer’s ultrathin (0.1 mm) all-metal AeroBlade 3D fans designed with advanced aerodynamics and superior airflow to keep the system cool. They can be controlled with Acer’s PredatorSense app, which offers three usage modes:
1. Coolboost mode:
For heavy loading games, rendering, streaming, and extended video consumption
2. Normal mode:
For productivity tools like Microsoft Office
3. Silent mode:
For web browsing and online chatting
Price and Availability
Predator Helios 500 will be available in South Africa in June starting at R34 999.00
Helios 300 Special Edition will be available in South Africa in August 2018. Exact Price will be communicated closer to the time.
LG G7 arrives in SA
LG this week introduced South Africa to its latest premium smartphone, the LG G7 ThinQ, focused on bringing useful and convenient AI features to the smartphone experience.
Powered by the latest Qualcomm Snapdragon 845 Mobile Platform, the LG G7 ThinQ offers 4GB of RAM and 64GB of internal storage to run demanding tasks and apps with. It is equipped with a 6.1-inch Super Bright Display, but the LG G7 ThinQ remains compact enough to use with one hand.
Sporting a new design aesthetic for the G series, the polished metal rim gives the LG G7 ThinQ a sleeker, more refined look, complemented by Gorilla Glass 5 on both the front and the back for enhanced durability. Rated IP68 for dust and water resistance, the LG G7 ThinQ is also awarded MIL-STD 810 c certification, having been subjected to a range of extreme temperature and environment tests designed by the United States military.
The LG G7 ThinQ has an 8MP camera up front, rendering clear and natural selfies, with two 16MP cameras at the back that deliver higher resolution photos with more detail, as well as a Super Wide Angle configuration.
As with other leading brands, LG has evolved its signature camera by including AI functionality. The AI CAM offers 19 shooting modes for intelligence-optimised shots. Users can also improve their photos by choosing from an additional three effect options should the AI CAM recommendation not suit their taste.
The new Super Bright Camera captures images that are up to four times brighter than typical photos shot in dim light. Through the combination of pixel binning and software processing, the AI algorithm adjusts the camera settings automatically when shooting in low light.
Live Photo Mode records one second before and after the shutter is pressed for snippets of unexpected moments or expressions that would normally be missed. Stickers uses face recognition to generate fun 2D and 3D overlays, such as sunglasses and headbands, that can be viewed directly on the display.
New to the G series is Portrait Mode, which generates professional-looking shots with out-of-focus backgrounds. This effect can be generated using both front and rear standard lenses as well as the rear Super Wide Angle lens.
LG G7 ThinQ offers further AI functionality with the inclusion of Google Lens features. Google Lens is a new way to search using the AI and computer vision. Google Assistant and Google Photos allow users to access more information on objects such as landmarks, plants, animals, and books. It can identify text or visit websites, add business cards to contacts, events to the calendar or look up an item on a restaurant menu.
A button just below the volume keys launches the AI functionality. A single tap of this button launches the Google Assistant, while two quick taps launches Google Lens. Users can also hold down the button to start talking to the Google Assistant without the repetition of the OK Google command.
With Super Far Field Voice Recognition (SFFVR) and the highly-sensitive G7ThinQ microphone, the Google Assistant can recognise voice commands from up to five meters away. SFFVR is able to separate commands from background noise, making the LG G7 ThinQ an alternative to a home AI speaker, even when the TV is on. Commands for the Google Assistant have been increased in the LG G7 ThinQ so users can get more done with their voice alone.
“The LG G7 ThinQ is strongly focused on the fundamentals and its launch marks a new chapter for our company,” said Deon Prinsloo, General Manager for Mobile Communication, LG Electronics S.A Pty Ltd. “Through the combination of personalised and useful AI functionalities with meaningful smartphone features, this is LG’s most convenient and in the moment smartphone yet.”
- Mobile Platform: Qualcomm Snapdragon 845 Mobile Platform
- Display: 6.1-inch QHD+ 19.5:9 FullVision Super Bright Display (3120 x 1440 / 564ppi)
- LG G7 ThinQ: 4GB LPDDR4x RAM / 64GB UFS 2.1 ROM / MicroSD (up to 2TB)
- Rear Dual: 16MP Super Wide Angle (F1.9 / 107°) / 16MP Standard Angle (F1.6 / 71°)
- Front: 8MP Wide Angle (F1.9 / 80°)
- Battery: 3000mAh
- OS: Android 8.0 Oreo
- Size: 153.2 x 71.9 x 7.9mm
- Weight: 162g
- Connectivity: Wi-Fi 802.11 a, b, g, n, ac / Bluetooth 5.0 BLE / NFC / USB Type-C 2.0 (3.1 compatible)
- Colours: New Aurora Black
- Others: Super Bright Display / New Second Screen / AI CAM / Super Bright Camera / Super Far Field Voice Recognition / Boombox Speaker / Google Lens / AI Haptic / Hi-Fi Quad DAC / DTS:X 3D Surround Sound / IP68 Water and Dust Resistance / HDR10 / Google Assistant Key / Face Recognition / Fingerprint Sensor / Qualcomm Quick Charge 3.0 Technology / Wireless Charging / MIL-STD 810G Compliant / FM Radio