A device attack occurs when a criminal gains access to a remote device and uses it to either read, modify or corrupt information, or to gain access to other devices on the same network. A device attack can be accomplished in several different ways, but mostly involves exploiting password and encryption vulnerabilities as data enters or leaves a device.
The WPA and WPA2 protocols are the most common channels for a device attack. But another, more alarming method is when the Bluetooth stack is compromised. In this scenario, the malicious code is said to “invite and accept” itself into the network without any input from the user. Any wireless device with or without bluetooth capabilities is susceptible to these kinds of attacks, including smartphones and tablets, home virtual assistants, speakers and headsets, security systems, gaming consoles, printers, smart appliances and even wearable technology (including implanted medical devices).
The ability to conduct a device attack on medical devices has been well known for several years. In fact, in 2007, former US Vice President Dick Cheney had his pacemaker replaced with one that did not have wireless capabilities to avoid such attacks. Medical devices such as pacemakers, ventilators, and insulin and infusion pumps often employ default passwords which make them easily accessible. If ever hacked, cybercriminals can take control of survival-dependent devices for ransom or to simply take someone’s life.
One device attack known as “Blueborne” relies on the MAC address of the target device. If known, the hacker can link to the device by way of Bluetooth by essentially overriding the mechanism which requires a user to accept another device on the network. By bypassing this, the target device automatically sees and accepts the new device. At this point, the hacker has user privileges to the target device, as well as to any other object on the same network.
A second known device attack is known as a key re-installation attack, also known as a “KRACK.” This implementation enters a network though a hole in the WPA2 Protocol. When two devices connect, information is exchanged between them—a communication process commonly referred to as a “four-way handshake.” The encryption keys for the two devices are exchanged in the third step of this process, resulting in vulnerabilities which may disrupt the relay of information and prompt users to allow these packets to be sent again. Most users will allow it, because it appears to be a momentary glitch. What they don’t know is that they are providing all the necessary information for network password to be cracked, and for sensitive information to be compromised.
As the Internet of Things (IoT) continues to grow with the inclusion of lifestyle devices and the ubiquity of Bring Your Own Device (BYOD) to work and school, being aware and vigilant against device attacks may prove to be essential to your physical and digital welfare.