logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo logo
star Bookmark: Tag Tag Tag Tag Tag
USA

"Dark web" hackers could target gas pumps

Hackers find new device to target

Although a growing number of consumers use the "Internet of Things" to patch in to the web through everyday products ranging from thermostats and refrigerators to lightbulbs and toothbrushes, all that connectivity also means greater exposure to cyberthreats. One common device researchers say is becoming a target for hackers? Internet-connected gas pumps.

According to a report by ZDNet's Danny Palmer, cybersecurity forums are abuzz with talk that gas pumps linked to the internet could be remotely accessed via the so-called dark web. Meanwhile, many motorists and even gas station operators may not be aware that pumps are at risk. 

"That's just a gold mine for hackers," Palmer told CBSN.

Like the regular internet, the dark web is a network of websites, yet it is harder to access for the typical online web user. It requires a virtual private network, or VPN, which encrypts traffic, and the Tor web browser.

Criminals are putting up old tax returns for sale on the dark web

Palmer cited a study from Trend Micro that analyzed discussions and tutorials found on the dark web. While the most requested hacking methods were for routers, webcams and printers, according to the security firm, these criminal marketplaces also included tutorials for online gas pumps with programmable logic controllers, which are also used in factories to manage machinery remotely. 

One way hackers can exploit internet-enabled devices is through a "botnet," a network of devices they control. That network can be used to carry out "distributed denial-of-service" attacks, in which sites and services are shut down by barraging them with data from individual computers. 

In 2016, teenage scammers used the so-called Mirai IoT botnet to knock out internet services in many parts of the East Coast. Other cases include a Ukrainian power plant that was taken offline by cybercriminals in 2015 that left parts of western Ukraine without power.

"It's quite worrying how the cyber world and the physical world are becoming so interlinked in this way, and can have consequences which impact on the day-to-day lives of people," Palmer said.

Hackers are stealing sensitive medical records and selling them on dark web

Hackers can also use poorly secured internet-enabled devices as a gateway to a person's other digital devices, allowing criminals to steal sensitive information, spy on users or monitor networks. "There are a lot of possibilities," he said.

Palmer recommends that users change the default passwords on internet-connected devices they purchase, as well as utilize VPNs in their home network to encrypt traffic. 

"If there's a really cheap appliance from a company you've never heard of, you might want to question whether that's a good idea, buying that in the first place," he said.

All rights and copyright belongs to author:
Themes
ICO