Cyber
You should know about Shodan...
2023-07-16
[Ashampoo Blog] Do you use a surveillance camera, fitness tracker, or smart lighting? Are your smoke detectors connected to the internet to send status notifications, as modern security systems do? Today, an estimated 50 billion devices are online to allow for information sharing as well as easy monitoring and control. Doesn't this entail a major security risk? Shodan, the most controversial search engine on the planet, will tell you.

Shodan was created in 2009 by John Matherly and named after the artificial intelligence in the game "System Shock". Originally devised as a search engine for IoT (Internet of Things) devices, it quickly became apparent that its results are as significant as they are dangerous. For clarification: Internet of Things refers to a system of interrelated computing devices, from the ones mentioned above to industrial assembly lines, traffic light controllers, and many other everyday appliances, that have the ability to transfer real-time data over a network, usually the internet, without human interaction. These devices are assigned IP addresses just like your cellphone or PC. In many cases, network activity is human-monitored, but household appliances in particular, such as smoke detectors, communicate unsupervised and only notify their owners sporadically via status messages or in the event of a problem.

This approach has many advantages. It improves response times in an emergency, helps to identify bottlenecks early, and allows businesses to instantly send out repair teams when necessary. It is also essential to home automation. But there's a flipside: no software is perfect, and neither are its users! Take, for example, the small computer in a smart fridge. It usually runs on a compact operating system like FreeRTOS, mbed OS, or Zephyr, which has a reduced feature set in the interest of stability, controllability, and network connectivity. Protection against online attacks often isn't a priority during development. And that's where Shodan comes in!

In simple terms: Shodan constantly scans the internet by sending queries to a whole range of IP addresses and ports (think of them as doors left open by the operating system to enable network communication). IoT devices routinely respond to these queries by sending service banners (think of them as calling cards) that expose information such as device type, operating system, open ports, available services, and other configuration details. At worst, the data even includes user names and passwords. Shodan then stores the information in a large database and makes it available to users through its search interface. Here's where the controversy begins!
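The banner mechanism described above is exactly what an asset owner can audit on their own perimeter before anyone else does. The following is an added example, not code from the Ashampoo blog or from Rantburg: a small Python banner parser that takes (host, port, banner) records, extracts the product/version a service announces, and flags the exposures the article warns about (cleartext or industrial protocols reachable from the internet, login prompts or credential material in the banner, version disclosure). The banners, the 192.0.2.0/24 (TEST-NET-1) addresses, and the port-to-service table are all constructed for the example; the input is assumed to come from an inventory scan of your own address space.

```python
import re
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample banners (not real captures): the kind of text a service
# returns when a scanner connects to an open port, as the article describes.
SAMPLE_BANNERS: List[Tuple[str, int, str]] = [
    ("192.0.2.10", 21, "220 ProFTPD 1.3.5 Server (Debian) [::ffff:192.0.2.10]"),
    ("192.0.2.11", 80, "HTTP/1.1 200 OK\r\nServer: lighttpd/1.4.35\r\n"
                       "WWW-Authenticate: Basic realm=\"IPCam\"\r\n"),
    ("192.0.2.12", 23, "Welcome to SmartHub\r\nlogin: admin\r\npassword: admin\r\n"),
    ("192.0.2.13", 502, ""),  # Modbus/TCP answers the connection but sends no text
]

# Services that should not be reachable from the internet regardless of
# version: cleartext logins and an unauthenticated industrial protocol.
# Port assignments follow the standard IANA registry.
EXPOSED_BY_DESIGN = {21: "ftp", 23: "telnet", 502: "modbus"}

# Version strings appear as "name/1.2.3" (HTTP Server headers) or
# "name 1.2.3" (FTP/SSH greetings); one regex covers both forms.
VERSION_RE = re.compile(r"([A-Za-z][A-Za-z0-9_-]*)[/ ](\d+(?:\.\d+)+)")


@dataclass
class Finding:
    host: str
    port: int
    product: str        # "name/version" or "unknown" when nothing is announced
    issues: List[str]


def parse_product(banner: str) -> str:
    """Return 'name/version' announced by the banner, or 'unknown'."""
    server = re.search(r"^server:\s*(.+?)\s*$", banner, re.I | re.M)
    if server:
        text = server.group(1)          # HTTP: trust the Server header only
    elif banner.startswith("HTTP/"):
        return "unknown"                # HTTP response without a Server header
    else:
        text = banner                   # FTP/SSH/telnet style greeting
    m = VERSION_RE.search(text)
    return f"{m.group(1)}/{m.group(2)}" if m else "unknown"


def assess(host: str, port: int, banner: str) -> Finding:
    """Classify one observed service; each issue is something to fix or firewall."""
    issues: List[str] = []
    if port in EXPOSED_BY_DESIGN:
        issues.append(f"{EXPOSED_BY_DESIGN[port]} reachable from the internet")
    lowered = banner.lower()
    if "password" in lowered or "login:" in lowered:
        issues.append("banner exposes a login prompt or credential material")
    if "www-authenticate: basic" in lowered:
        issues.append("HTTP Basic auth offered (credentials travel unencrypted unless TLS is used)")
    product = parse_product(banner)
    if product != "unknown":
        issues.append(f"banner discloses product and version ({product})")
    return Finding(host, port, product, issues)


def audit(records: List[Tuple[str, int, str]]) -> List[Finding]:
    """Run assess() over every record; services with no issues are omitted."""
    return [f for f in (assess(*r) for r in records) if f.issues]


if __name__ == "__main__":
    for finding in audit(SAMPLE_BANNERS):
        print(f"{finding.host}:{finding.port} [{finding.product}]")
        for issue in finding.issues:
            print(f"    - {issue}")
```

Run it against your own inventory output rather than the sample list; the point is that the text a device volunteers to any connecting client is what ends up in a search index, so the cheapest fix is to stop volunteering it (disable the service, put it behind a VPN or firewall rule, or at least strip the version from the banner).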

That's because the search index frequently turns into a list of shame, full of devices running outdated software or using inferior security settings, basically an invitation to hackers. And though the thought of having your own security camera hacked is unsettling enough, the knowledge that sensitive details on water processing plants, power grids, and power plants are also present is downright alarming. This data is accessible to anyone who completes the free registration. Paid subscribers, or users of special tools like SHODAN Diggity, get access to even more delicate, and filterable, information. Webcams, printers, routers, security cams, network switches, even industrial plant control systems: Shodan has all the details, including locations. And users can apply filters to swiftly target individual cities, device types, easily hackable OSes, even appliances that use standard passwords. Accessing a vulnerable system then usually requires little more than a web browser.

rtwt
Posted by: M. Murcek

00:00