Top-News
Mittwoch,
12.10.2016 12:30
von
PR Newswire
| Aufrufe: 123
Akamai Threat Research Team Identifies New Abuses Of OpenSSH Vulnerability
Ein Mann liest Wirtschaftsnachrichten (Symbolbild).
pixabay.com
PR Newswire
CAMBRIDGE, Mass., Oct. 12, 2016
CAMBRIDGE, Mass., Oct. 12, 2016 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today published new research from the company's Threat Research team. Akamai researchers Ory Segal and Ezra Caltum have identified a recent spate of attacks whereby attackers are using Internet of Things (IoT) devices to remotely generate attack traffic by using a 12-year old vulnerability in OpenSSH, which we are calling SSHowDowN Proxy. A full report detailing the attacks is available for download here http://akamai.me/2dTsrg8.
Overview
It is important to note that the research and subsequent advisory do not introduce a new type of vulnerability or attack technique, but rather a continued weakness in many default configurations of Internet-connected devices. These devices are now actively being exploited in mass-scale attack campaigns against Akamai customers.
The Threat Research Team has observed SSHowDowN Proxy attacks originating from the following types of devices:
- CCTV, NVR, DVR devices (video surveillance)
- Satellite antenna equipment
- Networking devices (e.g. Routers, Hotspots, WiMax, Cable and ADSL modems, etc.)
- Internet connected NAS devices (Network Attached Storage)
- Other devices could be susceptible as well
Compromised devices are being used for:
- Mounting attacks against a multitude of Internet targets and Internet-facing services, such as HTTP, SMTP and Network Scanning
- Mounting attacks against internal networks that host these connected devices
Once malicious users access the web administration console, they have been able to compromise the device's data and, in some cases, fully take over the machine.
"We're entering a very interesting time when it comes to DDoS and other web attacks; 'The Internet of Unpatchable Things' so to speak," explained Ory Segal, senior director, Threat Research, Akamai. "New devices are being shipped from the factory not only with this vulnerability exposed, but also without any effective way to fix it. We've been hearing for years that it was theoretically possible for IoT devices to attack. That, unfortunately, has now become the reality."
ARIVA.DE Börsen-Geflüster
Werbung
Weiter aufwärts?
| Kurzfristig positionieren in Akamai Technologies | ||
|
HS3D3H
| Ask: 1,04 | Hebel: 4,07 |
| mit moderatem Hebel |
Zum Produkt
| |
HSBC
Den Basisprospekt sowie die Endgültigen Bedingungen und die Basisinformationsblätter erhalten Sie hier: HS3D3H,. Beachten Sie auch die weiteren Hinweise zu dieser Werbung. Der Emittent ist berechtigt, Wertpapiere mit open end-Laufzeit zu kündigen.
Kurse
 |
Mitigation
Some recommended approaches to mitigation include:
- If the device offers access to alter the SSH passwords or keys, change those from the vendor defaults.
- If the device offers direct file system access:
- Add "AllowTcpForwarding No" into the global sshd_config file.
- Add "no-port-forwarding" and "no-X11-forwarding" to the ~/ssh/authorized_ keys file for all users.
- If neither option above is available, or if SSH access is not required for normal operation, disable SSH entirely via the device's administration console.
If the device is behind a firewall, consider doing one or more of the following:
- Disable inbound connections from outside the network to port 22 of any deployed IoT devices
- Disable outbound connections from IoT devices except to the minimal set of ports and IP addresses required for their operation.
Akamai continues to monitor and analyze data related to this ongoing IoT threat. To learn more, please download a complimentary copy of the research white paper at http://akamai.me/2dTsrg8.
About Akamai
As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company's advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.
| Contacts: | ||
| Rob Morton | --or-- | Tom Barth |
Logo - http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO
To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/akamai-threat-research-team-identifies-new-abuses-of-openssh-vulnerability-300343049.html
SOURCE Akamai Technologies, Inc.
Werbung
Mehr Nachrichten zur Akamai Technologies Aktie kostenlos abonnieren
E-Mail-Adresse
Bitte überprüfe deine die E-Mail-Adresse.
Benachrichtigungen von ARIVA.DE
(Mit der Bestellung akzeptierst du die Datenschutzhinweise)
(Mit der Bestellung akzeptierst du die Datenschutzhinweise)
-1
Vielen Dank, dass du dich für unseren Newsletter angemeldet hast. Du erhältst in Kürze eine E-Mail mit einem Aktivierungslink.
Hinweis: ARIVA.DE veröffentlicht in dieser Rubrik Analysen, Kolumnen und Nachrichten aus verschiedenen Quellen. Die ARIVA.DE AG ist nicht verantwortlich für Inhalte, die erkennbar von Dritten in den „News“-Bereich dieser Webseite eingestellt worden sind, und macht sich diese nicht zu Eigen. Diese Inhalte sind insbesondere durch eine entsprechende „von“-Kennzeichnung unterhalb der Artikelüberschrift und/oder durch den Link „Um den vollständigen Artikel zu lesen, klicken Sie bitte hier.“ erkennbar; verantwortlich für diese Inhalte ist allein der genannte Dritte.
