ICYMI: NSA insiders, hacking living rooms & learning from Target
ICYMI: NSA insiders, hacking living rooms & learning from Target

NSA insider rumours refuse to go away

It's safe to say that Edward Snowden has become something of a household name in the information security field over the last 18 months – leaking hundreds (if not thousands) of documents on the activities of the US and UK governments will have that kind of effect.

Yet in more recent times there has been talk of a second or third leaker, which has arisen in part with confusion over which documents Snowden provided to the assortment of media publications now committed to publishing the leaks.

That feeling intensified this week after Andrew Lewman, who is responsible for all Tor's operations, claimed in an interview that rogue spies at both the NSA and GCHQ are helping to protect the anonymising internet network, which continues to be targeted by a plethora of governments, including Russia's.

Lewman said at the time: "There are plenty of people in both organisations who can anonymously leak data to us to say, ‘maybe you should look here, maybe you should look at this to fix this' - and they have."

Various experts questioned this when speaking after the news to SC, although it does again raise the possibility of yet more ‘insider threats' within the government agencies.

On the 5 August, global news agency CNN reported that there is a second pro-privacy ‘mole' in the NSA who has leaked documents since Edward Snowden fled, while encryption guru Bruce

Schneier followed two days later by saying documents published in the German media suggest a third ‘leaker'.

Hacking a living room

A lot has been made of the security risks around the Internet of Things (IoT) no more so than last week when Google's Nest thermostat was hacked in the space of 15 seconds at the Black Hat conference in Las Vegas.

People have questioned the value in these devices if – for instance- their data and identity is not secure.

But new research by Kaspersky Lab security analyst David Jacoby shines a line of the entertainment systems already in your living room, such as your internet-connected TV and Blu-ray player.

He recently inspected home entertainment devices such as network-attached storage models (NAS), a Smart TV, router and Blu-ray player, and concluded that all had exploitable vulnerabilities, mostly because they were missing basic security measures like a strong admin password or an encrypted internet connection.

The two popular NAS models (from unnamed vendors) were the most vulnerable, containing 14 vulnerabilities owing to weak default clear text passwords – which could be used to remotely execute systems commands with highest administrative privileges –  as well as configuration files which had incorrect permissions.

“In my case, the NAS devices were the most vulnerable,” Jacoby told SCMagazine.com on Thursday. “An attacker could perform the same malicious things as if it were a normal computer.”

He added that he could install a backdoor outside of a shared folder, access all content on the device, install malware and store illegal software and documents. He added that an attacker could also “install malicious tools from the NAS itself, performing advanced attacks on the network, such as rerouting all traffic via the NAS and capturing sensitive data [such as] credit cards [and] credentials.”

Jacoby went onto say that his Smart TV could be vulnerable to man-in-the-middle (MiTM) attacks because authentication and encryption is not used when downloading content from the vendor servers.

As a result, the researcher says that users should ‘make the hacker's life harder' by updating devices with latest security and firmware updates, changing default passwords, and ensuring that home routers and switches have the option of setting up your own network for each device.