k_Street Consulting, LLC Blog

k_Street Consulting, LLC has been serving the Washington area since 2009, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Man-In-the-Middle Attacks Find App Users Off Guard

b2ap3_thumbnail_man_in_the_middle_sphero_400.jpgThe Internet of Things is practically omnipresent in today’s environment, and many commercial products not only connect to the Internet, but they also come with an app. Due to this type of integration growing more popular, the world is starting to see Internet-connected products that really don’t have much to gain from their connectivity.

One such device is BB-8, a Star Wars-based droid toy built by Sphero. The toy isn’t much different from your typical Sphero toy, with the primary difference being that it’s painted after the insanely popular BB-8 droid from Star Wars Episode VII: The Force Awakens. It’s an app-controlled robotic ball that’s marketed to children who want to control their very own droid.

While this toy might seem to be irrelevant, it’s been reported that there’s an exploit which can hack into a BB-8 via its wireless communication systems. By injecting code into the smartphone controlling the droid, hackers can essentially control BB-8 through the phone, since it acts like a remote for the toy. This kind of hack is called a man-in-the-middle attack. In BB-8’s case, the hack is of little consequence, but man-in-the-middle attacks can be dangerous if targeting valuable information.

What Are Man-in-the-Middle Attacks?
In order to understand how a man-in-the-middle attacks works, let’s compare it to a traditional game that you may have played when you were a kid: “telephone.” One person sends a message and the recipient listens to it, but in the process of delivering the message, someone adds or omits an important part of the message. Just imagine that instead of the sentence, “Jane runs through the forest,” that the message that’s interrupted and manipulated is a customer’s credit card number.

Wireless systems have made it much easier to perform man-in-the-middle attacks, simply because wireless communications are subject to plenty of risk while in transit. This is why it’s especially important that your business implements security measures that can protect your data while it’s moving from one system to the next, be it from a smartphone to an in-house device, or an essential file from a PC to your server. You need to make sure that these commands are sent securely, and as accurately as the sender intended. Remote monitoring and management solutions can help your business by offering intrusion detection, along with several other protocols that work together to provide a comprehensive network security solution.

Attacks Require More Powerful Solutions
Wireless technology is extremely convenient at times, so much so that cumbersome, wired systems are waning in popularity. Despite this huge advantage, people still have to determine whether or not their wireless systems are secure from external threats. If their system security is subpar, there are plenty of solutions available that are capable of shoring up weaknesses for both mobile devices and PCs working on a wireless network. Unfortunately, all it takes is one seemingly inconsequential piece of technology to leave your entire network exposed.

This is where k_Street Consulting, LLC comes in. Our professional technicians can help your business improve its protection from Internet of Things threats. We can do this by performing a thorough analysis of your current IT infrastructure, your projected growth, and the current needs of your business. Together, we can keep your technology from going over to the dark side. To learn more, give us a call at (202) 640-2737.

Tip of the Week: 4 Google Chromecast Features that...
A Look at the Glue That Holds the Internet of Thin...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Blog Archive

2013
January
February
March
April
May
June
July
August
September
November