Millions of Home Network Devices Vulnerable to Hacking – Take Action Today

Consumers around the world are being advised to immediately check their home networks for the three major security holes after new research by Rapid7 has discovered that over 6,900 networked devices from 1,500 manufacturers are vulnerable to cyber-attacks because of a flawed use of the Universal Plug and Play (UPnP) protocol.

The Plug and Play protocols (standards) are what allow networks and computing devices (like PC’s printers, keyboards, webcams, flash drives and Wi-Fi access points to automatically identify and communicate with other devices without requiring users to configure the connections. For example, you plug in a webcam, flash drive or keyboard and it automatically works with your computer.

The issue is that while security has evolved for other aspects of computing to block criminal exploitation, these UPnP protocols have largely gone unchanged.  There are patches available to fix the issues, but it is expected to take a long time before the patch is included in new products. You’ll have to reach out to the manufacturer of any devices on your network that are at risk to see if they have patches for your existing devices.

“The results were shocking to the say the least. Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet,” said the report’s author HD Moore, creator of Metasploit and currently CTO at vulnerability testers Rapid7. Moore explained to that the scale of vulnerabilities was surprisingly high, and everyone from ISPs, businesses and home users should check their hardware. While the attacks are somewhat complex in nature at the moment, they are likely to be picked up and automated by malware writers in the future.

Find Out if Your Devices Vulnerable

upnp1Rapid7 has created a free ScanNow UPnP tool for Windows users to check for the flaws so that vulnerable equipment can be identified and locked down. For Linux and Mac users, you’ll need to get the same tool directly from Metasploit.

  1. Download the free ScanNow UPnP tool and select Run. This will bring up a page asking you to enter your IP address or range of addresses.

At this point you have three options for what to enter into these fields:

upnp2

  • If you only have one computer or laptop, you can enter the universal ‘loop back’ address that looks inside your computer. To do this you would enter 127.0.0.1 in both fields.  This will scan the individual device.

Start the scan and wait for the results.  The results page has a lot of information on it, but scroll to the bottom for your scorecard.  If your scan shows no issues, you’re in good shape and don’t need to do anything else. If your scan shows a problem, read on to find out what to do next.

upnp3

  • upnp4If you have multiple devices to test, you can infer the internal IP address range of your computers, keyboards, webcams, etc. you are using.

This IP address number range can be found by clicking on the Start menu, then typing CMD (command) into the search field, and clicking enter.

This brings up a needlessly scary looking black screen that was never made pretty because regular consumers rarely see it. upnp5On this screen you will see a command line that should say C:\Users\THE NAME OF THE COMPUTER ADMINISTRATOR>. On this line type in ‘ipconfig’ (which stands for IP address configuration). This will bring up a whole scroll of information but what you are looking for is easy to find.

Scroll down until you see a line called IPv4. For 99% of users (anyone who has not changed he default configuration of upnp6their devices, there will be a number sequence that will begin with 192.168.xxx.xxx, 172.xxx.xxx.xxx, or 10.xxx.xxx.xxx.  In this example, the number sequence starts with 192.168.

Copy the first three sets of numbers and enter into the first three fields of both the starting and ending address fields.  In the last field of the starting address, enter the number 1. In the last field of the ending address, enter the number 255. For the example shown above, it would look like this:

upnp7

Now, start the scan and wait for the results.  The results page has a lot of information on it, but scroll to the bottom for your scorecard.  If your scan shows no issues, you’re in good shape and don’t need to do anything else. If your scan shows a problem, read on to find out what to do next.

  • If you want to use your external IP address to scan all of your devices and peripherals, you can find your external IP address by going to the website whatismyIP.org. You’ll see your IP address displayed at the very top of the screen. Take that number sequence, and enter it into both the starting and ending address fields in the ScanNow application.

Now, start the scan and wait for the results.  The results page has a lot of information on it, but scroll to the bottom for your scorecard.  If your scan shows no issues, you’re in good shape and don’t need to do anything else. If your scan shows a problem, read on to find out what to do next.

Again, if you pass the test without any issues, you’re done. If however the test finds issues you have to figure out which device(s) or peripheral (keyboard, webcam, UPnP hubs etc.) is the culprit putting you at risk. If you only have computers, it’s pretty easy to sit down at each one and perform the test, and then disable peripherals to determine which (if any) are causing the problem.   If you have devices like an Xbox or internet TV, it is harder to perform the test directly on those devices so you may just want to unplug these one by one and run the test against your full network again to identify the culprit.

If you can’t figure out which device or peripheral is causing the problem, ask a friend or family member who is more technically savvy than you, or use a service like Geek Squad and have them come identify the issue.

Unplug and quit using any device or peripheral with security risks until you can get these updated with a fix. To do this, you will most likely have to contact the manufacturer and ask if they have a way to upgrade the code to a safe version.  This can be a real pain, but it’s far less painful than having hackers exploit your computers and steal your financial identity, your information or hold your information for ransom.

Linda

One Response to Millions of Home Network Devices Vulnerable to Hacking – Take Action Today

  1. “Millions of Home Network Devices Vulnerable to
    Hacking – Take Action Today iLookBothWays” ended up being a remarkable
    posting. If perhaps it included a lot more photos this might be quite possibly even better.
    All the best ,Elisabeth

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 1,767 other followers

%d bloggers like this: