2017 is a year of frequent Internet security incidents.
· In March 2017, Spiral Toys' CloudPets series of animal stuffed toys revealed 2 million parent and child voice messages.
· In April, a security researcher at security firm Comsecuris found that the undisclosed baseband vulnerability MIAMI affected Huawei smartphones, notebook WWAN modules, and loT (Internet of Things) components.
· In July, US vending machine supplier AvanTI Markets was hacked into the intranet. The attacker implants malware in the terminal payment device and steals personal information such as the user's credit card account and biometric data.
· In October, WiFi's WPA2, a cryptographic protocol that protects wireless network security, was exposed to major vulnerabilities, and hackers could arbitrarily read any wireless network information protected by WAP2.
· In December, US traffic signs were hacked and played against the Trump language.
......
A large number of IoT smart terminal devices with weak security have become a new weapon for attackers. With the increasing number of intelligent terminals in the Internet of Things, their information security incidents will also rise rapidly. Such attacks will be more frequent, wider and more destructive. Recently, the Institute of Security Research released the "White Paper on IoT Intelligent Terminal Information Security", which analyzes the security risks of intelligent terminals in the Internet of Things from terminal security risks, terminal security risks and typical attack methods.
Terminal security risk
DDoS attacks disrupt normal business
Due to the large number of intelligent terminals in the Internet of Things, it has become the main source of attackers to form "botnets" and is gradually becoming an important position for DDoS attacks.
A large number of IoT intelligent terminals have been maliciously attacked, or because of their own loopholes, have become "broilers" remotely controlled by hackers, becoming a tool for launching DDoS attacks.
Personal privacy disclosure
Nowadays, more and more families are using smart cameras. People use smart cameras to communicate with family members in different places, and use smart cameras to remotely monitor the internal security of the home. However, the security vulnerabilities hidden in the smart camera are turning it into an "accomplice" for hackers to peek into the privacy of the family.
On June 18, 2017, CCTV reported that a large number of home cameras were invaded. The hacker cracked a large number of home smart cameras, spread on the Internet, established a large number of webcams to crack the communication group, "sneak a peek" on the family's personal privacy, watch the user's daily life, and even crack the terminal's IP address, login name and password online. Public hawking has caused many families to worry about the safety of smart terminals. The attacker mainly relies on scanning software to perform large-scale scanning on the network, and then uses weak passwords to implement device control.
Subsequently, the National Internet Emergency Center randomly selected two of the top five smart camera brands in the market share, and conducted a nationwide monitoring of the distribution of weak password vulnerabilities. The result was very surprising: only two brands of cameras had more than ten cameras. A weak password vulnerability exists in tens of devices.
Endangering the personal safety of users
With the development of the Internet and the trend of industrial intelligence, the automobile industry is also developing towards intelligent and networked. Intelligent networked vehicles are extremely important intelligent terminals in the intelligent transportation network. The information security problems are becoming more and more serious, and information is being falsified. Virus intrusion and other means have been successfully applied by hackers in intelligent networked car attacks. The information security crisis of intelligent networked cars can not only cause personal privacy leakage, corporate economic losses, but also serious consequences of car crash.
National critical infrastructure destroyed
With the vigorous development of smart cities, there are also many IoT smart terminals in the country's key infrastructure construction. These infrastructures that affect the national economy and the people's livelihood will inevitably lead to major consequences, which may cause immeasurable results. Economic losses can even cause social panic.
On August 5, 2008, an explosion occurred in the transnational Baku-Tbilisi-Ceyhan oil pipeline in Turkey, destroying the oil transportation pipeline and interrupting the oil transportation of the pipeline. The detector and camera were installed in the pipeline. However, before the explosion destroyed the pipeline, no alarm signal was received and the camera failed to capture the scene of the explosion. After investigation, it was found that the cause of the accident was the surveillance camera itself. The hacker used the communication software vulnerabilities of the webcam to break into the internal system and installed a malicious program on a computer responsible for the alarm management network, and then infiltrated into the pipeline operation control system to increase the pipeline without touching the alarm. Pressure, the high pressure in the oil pipeline led to the explosion, and the hackers deleted the surveillance video for 60 hours, "destroy the corpse", leaving no clues.
Terminal security risks
While the Internet of Things is developing vigorously, IoT intelligent terminals will cover a wide range of industries and fields, involving key national infrastructure, industrial equipment, smart families, personal life, etc. If there is no necessary security guarantee, it will be buried. A big security risk. Due to the cost and mature technology, the IoT system presents a situation of “heavy platform and light terminal†in terms of information security protection. Due to the large number of terminals and the limitations of resources and technologies, the protection capabilities of the Internet of Things are generally weak. Become a weak link in the information security of the Internet of Things system.
The main security risks faced by IoT smart terminals can be divided into the following categories.
Software vulnerability
At present, many terminal manufacturers generally lack security awareness and security capabilities, and do not make any security considerations in the design and development of software for terminal operating systems, firmware, business applications, etc., resulting in software security or defects in coding or logic. It can make an attacker illegally exploit or destroy without authorization.
In order to save development costs, some manufacturers use general-purpose, open-source operating systems, or directly call third-party components that do not perform any security detection, which brings great security risks to the IoT intelligent terminals, and it is likely to introduce some publicity. Software vulnerabilities are extremely vulnerable to hackers. Once these vulnerabilities are exploited, similar devices will suffer. In addition, business applications installed on IoT smart terminals generally do not have corresponding identification and control mechanisms, such as source identification of application software, installation restrictions of application software, and sensitive behavior control of installed application software. An attacker installs a malicious program or process to carry out an attack.
Due to the wide variety and large number of intelligent terminals of the Internet of Things, it has brought management difficulties to the enterprise. Coupled with the lack of security awareness of most users and the long-term update of software, many software vulnerabilities of IoT smart terminals are difficult to repair. And a large number of these devices are directly exposed to the Internet. At the same time, there are more and more malicious programs for the Internet of Things intelligent terminals, and the means of communication are constantly updated, which is easily exploited by hackers.
2. Hardware design flaws
For IoT smart terminals, in addition to software-level security, hardware security is also essential. Most of the IoT smart terminals are placed in an insecure physical environment, which is easy for attackers to access, and the terminal is generally inexpensive and can be easily obtained by attackers. Therefore, the hardware design of the IoT intelligent terminal is put forward higher requirements. The terminal manufacturer should consider and implement the corresponding hardware protection mechanism in the design and development process.
If the IoT intelligent terminal does not make security considerations in the hardware architecture design, it will provide many "conveniences" for malicious attackers. For example, if the device is not designed with a corresponding anti-disassembly design, the attacker will be able to easily remove the shell to access the internal hardware, use tools to extract firmware or data directly from the internal hardware components, and then analyze and find available vulnerabilities. Attack; if the device does not have corresponding tamper-proof and anti-reverse design on the chip, module or circuit board hardware, the attacker can tamper, reverse engineer or clone the hardware of the terminal; if the device does not have corresponding electromagnetic signal shielding Mechanism, attackers can use the side channel attack method to analyze and crack the cryptosystem. Therefore, if the IoT intelligent terminal hardware device is not designed with security in mind, it will leave great security risks.
3. The debug interface is not protected
Generally, in order to facilitate terminal maintenance, the equipment manufacturer will reserve a corresponding hardware or software debugging interface to facilitate local debugging or remote debugging during the operation and maintenance process. If the active tamper protection function can be implemented at the hardware level, a certain degree of security can be ensured for each hardware module and physical interface inside the terminal. However, based on cost considerations, most IoT smart terminals do not have such high-intensity security protection measures, and may not have any protection measures. This means that an attacker can easily access the internal hardware of the terminal and access the reserved hardware interface. For example, USB interface, JTAG interface, serial port, network port, etc. Currently, most manufacturers do not provide security protection on reserved interfaces, such as interface disable, authentication, and access control. Attackers can use the exposed physical interface to directly access device firmware, perform firmware extraction and analysis, or use remote software. Debug interfaces for unauthorized access, implement system-level operations, and change system or application configurations. Even some terminals have left the production debugging interface or development interface, which provides convenience for malicious attackers to penetrate the internal core of the IoT intelligent terminal.
4. Insecure communication mechanism
Data communication transmission is also a very important part of the security of IoT intelligent terminals. Now more and more hackers are beginning to crack attacks on communication transmission protocols. In the process of information communication transmission between the intelligent terminal of the Internet of Things and the cloud or terminal, it is vulnerable to network attacks such as traffic analysis, stealing, sniffing, and replay, which leads to threats such as leakage, hijacking, and tampering. There are many types of network types, access protocols, and communication protocols used for IoT intelligent terminal communication transmission. The security problems faced by different IoT intelligent terminal products and service types are also complicated.
Made of TPU material imported from South Korea, it can effectively protect the screen from unnecessary wear or scratches and reduce the impact of falling.
The flexible material design allows the Screen Protector to adapt to the contours of any device, so it can be connected to curved displays and rounded edges. The Full-Cover Screen Protector can perfectly fit your screen and provide maximum protection.
The oleophobic coating technology protects the glass from fingerprints left by sweat and grease, and fully supports the 3D touch function on the iPad.
The ultra-transparent thickness of 0.14mm ensures the sensitivity of the original touch screen. When using Apple Pencil, it can still maintain a high touch sensitivity. 99% transparency provides an ideal natural viewing experience.
If you want to know more about Imported Screen Protector For iPad products, please click the product details to view the parameters, models, pictures, prices and other information about Imported Screen Protector For iPad.
Whether you are a group or an individual, we will try our best to provide you with accurate and comprehensive information about the Imported Screen Protector For iPad!
Screen Protector For iPad, Imported Screen Protector, 200*300 Screen Protector, Imported Protective Film, iPad Screen Protector,Imported Hydrogel Film
Shenzhen Jianjiantong Technology Co., Ltd. , https://www.jjtphonesticker.com