The Red Team Corner–December 2022
'Tis the Season to be Cautious, Fa la la la la, la la la la
Before we get into the note of caution, for those currently observing Seasonal Holidays around the world, we’d like to wish you all a joyful and safe time with your loved ones. For many of us, it’s the time to exchange gifts, some of them being tech gifts that are internet enabled, or come equipped with a microphone, camera, and other “smart” capabilities. Privacy and security risks posed by internet-enabled, smart devices are concerning enough to garner attention even from the public media.
What makes consumer IoT devices targets of interest for attackers? There can be several reasons:
- IoT devices are not always engineered with a focus on security.
- Consumer devices are not as diligently patched and updated.
- A single IoT vendor vulnerability could allow an attacker to take control of potentially thousands of devices to form a potent botnet.
- Smart devices are notoriously data-hungry and can act as a treasure trove for attackers on a hunt for sensitive information.
- Limited security awareness amongst consumers often results in insecurely configured devices open to the internet.
As consummate security enthusiasts, before you connect any of your “smart” gifts to the internet:
- Familiarize yourselves with the known hacks and attacks targeting or involving IoT devices from this awesome compilation.
- Consider segmenting your home network to isolate less trustworthy smart devices.
- Ensure you keep your device firmware up-to-date and device software patched.
- Learn about the security features included, but not enabled by default.
- Take the time to understand the privacy policy of the vendor, especially for devices with audio/visual capabilities, and make sure you are comfortable with the vendor’s data handling procedures.
With proper precautions, there is no reason to not enjoy your smart scale, fancy drones, or your internet-connected intelligent toothbrush. Also, remember that this period of the year is an especially active time for cyber attackers, so be extra vigilant with your online activities.
And as a parting note, if you are eager to learn about attacks of the past and looking for books to read in the warmth of the fireplace this winter season (unless you live in the Southern Hemisphere), give these a try:
- The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage
- Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
- Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
Hope you all had a wonderful 2022 and are excited about 2023 as much as we are!
- PJ
----------
About the Author
Prajakta (PJ) Jagdale is the Director of Offensive Security at Palo Alto Networks. She joined the company in 2016 as a Principal Red Team Engineer at a time when the practice of Red Teaming was being increasingly adopted by the commercial sector. Since then, PJ has built and has been overseeing a "much-loved" and successful Red Team constituting a group of wonderfully creative engineers adept in the same tactics and techniques that we expect our most advanced and persistent adversaries to leverage against us. Through her team's expertise and the tremendous collaboration of stakeholders within InfoSec and across the company, she is able to advise on opportunities to make Palo Alto Networks further resilient against cybersecurity threats.
PJ, being a representative of the minority group, is also passionate about driving equal representation of women across the cybersecurity and technology industry and is a member of the Board of Directors for Women in Cybersecurity (WiCyS), a nonprofit 501(c)3 membership organization, which works to advance women in the cybersecurity workforce. She hopes to apply her 17+ years of experience in the field of cybersecurity to encourage and bolster the next generation of women cybersecurity professionals and leaders.