There are increasingly more IoT devices connected to the Network; smart TV, vacuum cleaners, printers, refrigerators, smart toys, cars, home automation systems, etc. And the digitization experienced by companies and households will only increase their number in the coming years. However, these same Internet of Things devices are primarily forgotten regarding cybersecurity, making them an open door to cyberattacks, thanks to IoT device finders.
In this article, we will explain these search engines, why they represent a risk to our privacy and security, and how we can minimize those risks.
IoT device finders are search engines in which devices connected to the internet are indexed. In other words, in the same way, that Google searches and indexes web pages, IoT device finders track the IP addresses of connected devices and index them in the search engine.
Shodan, GreyNoise, Onyphe, Censys, Zoomeye, and BinaryEdge are the names of the most popular IoT device finders, but there are more. And searching for connected devices on them is simple. They are used for different purposes, many of them legitimate (for example, they are one of the tools used by ethical hackers for pen-testing and security improvement), but some use them to locate vulnerable targets (especially when we talk about IoT devices for personal or domestic use) and through them to gain access to an internal network and the rest of the devices connected to it.
As you know, IoT devices are all those electronic devices that connect to the internet, collecting and transferring data. These devices, which range, as we have seen in the introduction, from a smart television or smart TV to a vacuum cleaner, through smart toys or the company printer, we connect them to our home or company network and, through the router, to the internet without worrying much about whether they are safe or vulnerable, even on many occasions, we do not even protect them with passwords or check if our router has any open ports.
This, added to a search engine for devices connected to the Internet, makes the latter an open the door to the cyber world and, therefore, targets for cyber attacks.
As we have said, the first thing these search engines do is search the Internet in search of IoT devices connected to it to index them, thus creating an extensive database in which it is possible to perform a search using different keywords (such as webcam, camera, ip, router, server, iot, password, etc.).
Point out here that it is the responsibility of the manufacturers of these devices to take the necessary measures so that they do not end up indexed in these search engines.
Although searching in these IoT device finders differs from other Internet search engines, such as Google or Bing, the operation is similar. Practically anyone can use them to locate these types of devices and even access them (if they need to be adequately protected); all we will have to do is register with them; in some, we will have to pay a subscription and start searching.
The searches are carried out using, as we said, keywords (alone or combined, for example, “webcam no password”) and different filters. Depending on the browser, we will be shown a list of devices; if we click on one, we will obtain a report about where the device is connected, what ports are open, its vulnerabilities, the SSL certificate, etc.
Once an IoT device is located, what is done with that information is up to the user. As we said, they can be completely legal uses but can also be used for less ethical purposes.
As you can imagine, being able to search for vulnerable IoT devices entails different types of risks, both for companies and individuals, especially if the Network and router have not been adequately protected.
According to a report by CCN-CERT, the objective of most cybercriminals who use IoT device finders is to access these devices and hack them, disable them, and ask for a financial ransom to make them work again.
But once access is gained to a connected device, it is possible to access others and the rest of the internal or home Network, which allows other types of attacks to be carried out. For example, they can infect computers with malware to encrypt files and demand a new ransom or get our passwords and access our user accounts.
They can also access webcams, get images of their victims, and use them to extort them (especially if they are intimate or compromising images). The images can also be used to know when the houses are empty.
Ultimately, gaining access to an IoT device can risk our privacy and security.
One of the first security measures we should consider to minimize the risks posed by IoT devices and their browsers is to buy and use devices from trusted manufacturers who take cybersecurity seriously. There is still no seal or standard that certifies that these products have the minimum security measures (although they are working on it in the EU), so we can only resort to checking opinions and testimonials on the internet to find out if the device that we plan to acquire has suffered hacking or other cybersecurity problems.
The Internet has many websites and pages; everyone is happy to surf it and share…
In today's digital age, video editing has become an essential tool for content creators. With…
Soft skills have become a critical aspect in selecting and developing company personnel, especially in…
The rapid evolution of technology has led to an unprecedented transformation in how companies interact…