The Future is Here
Life has never been this convenient. Is the temperature too high in your house? Don’t bother walking to the thermostat. Pull out your smartphone, open the thermostat app, and drop the temperature a few degrees. Need to watch your family crack up over that YouTube video you just watched? Share that video from your phone to your smart TV with just a few presses. With the right hardware in your home, you can control everything from the lights to the shades with just your voice. The future of old sci-fi movies has arrived.
Internet of Things (IoT)
All of these convenient devices exist as part of the Internet of Things (IoT). Yes, they’re all connected to the internet. We’ve discussed IoT devices before in reference to IP camera vulnerabilities. While we may not have to worry about Skynet just yet, more threats exist in the real world than sci-fi movies have imagined. As it turns out, many of these devices are at risk from an attack that’s 10 years old known as DNS Rebinding according to Brannon Dorsey.
Simply put, DNS Rebinding starts with you clicking an innocent-looking link that loads a malicious site. That site launches code within your browser that bypasses your network’s firewall and uses your browser to control that device.
In Mr. Dorsey’s tests, affected devices include “Google Home, Chromecast, Roku, Sonos speakers, and certain WiFi routers and smart thermostats”. Manufacturers have already started releasing security patches to protect from this kind of attack, but no one actually knows how many devices are at risk.
DNS Filtering For Home
Homes and small businesses alike are susceptible to attack depending on the devices in use. For home use, we recommend OpenDNS Home, a DNS filtering service. It’s free and can be used to filter malicious sites and IP addresses, but it also offers content filtering capabilities also. You don’t have to be an IT tech to set up OpenDNS, but you do need to be comfortable modifying your router’s settings. OpenDNS provides step-by-step guides to get you going.
DNS Filtering For Work
On the commercial side, if you’re a current Pit Crew client, rest easy. We’re very familiar with these types of attacks, so we provide DNS filtering as part of our monthly IT service. If you’re not a Pit Crew client, what are you waiting for? We worry about these types of problems so you don’t have to. You show up to work, and an entire IT support crew is just a phone call away. Contact us today for a free consultation.