Hackers are hijacking smart building access systems to launch DDoS attacks

smart-doors.jpg
Image: Nortek Security & Control, LLC

Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company SonicWall.

The attacks are targeting Linear eMerge E3, a product of Nortek Security & Control (NSC).

Linear eMerge E3 devices [1, 2, 3] fall in the hardware category of “access control systems.” They are installed in corporate headquarters, factories, or industrial parks. Their primary purpose is to control what doors and rooms employees and visitors can access based on their credentials (access codes) or smart cards.

In May 2019, researchers from Applied Risk, a cyber-security firm specialized in industrial security services, disclosed details about ten vulnerabilities impacting NSC Linear eMerge E3 devices.

NSC Linear eMerge E3 devices

NSC Linear eMerge E3 devices

Despite the fact that six of the ten vulnerabilities had a vulnerability severity (CVSSv3) score of 9.8 or 10 out of a maximum of 10, NSC failed to provide patches, according to an Applied Risk security advisory.

Applied Risk later released proof-of-concept exploit code in November.

CVE-2019-7256 exploitation

Now, in a report published last week, SonicWall researchers say that hackers are scanning the internet for exposed NSC Linear eMerge E3 devices and using one of the ten vulnerabilities.

The vulnerability they are using is CVE-2019-7256. Applied Risk described this vulnerability as a command injection flaw. It is one of the two that received a severity score of 10/10, meaning it can be exploited remote, even by low-skilled attackers without any advanced technical knowledge.

“This issue is triggered due to insufficient sanitizing of user-supplied inputs to a PHP function allowing arbitrary command execution with root privileges,” SonicWall said in a security alert published last week. “A remote unauthenticated attacker can exploit this to execute arbitrary commands within the context of the application, via a crafted HTTP request.”

Hackers are using CVE-2019-7256 to take over devices, download & install malware, and then launch DDoS attacks on other targets.

The first of these attacks began on January 9, this year, and were spotted by intelligence firm Bad Packets, and have continued in a steady stream ever since.

“Attackers seem to be actively targeting these devices as we see tens of thousands of hits every day, targeting over 100 countries with the most [attacks being] observed in U.S.,” SonicWall said.

The attack surface isn’t too large, though. SonicWall reports that only “2,375 Internet-accessible eMerge devices are listed by the Shodan search engine.”

This number is far lower than the millions of security cameras and home routers that are also available online. However, the small number of vulnerable devices has not dissuaded attackers so far, and exploitation attempts they’re likely to continue.

IoT devices used as entry points

But while having your smart building door system launch DDoS attacks on Steam or the PlayStation Network is one issue, a bigger threat is that these vulnerable systems can also be used as entry points into an organization’s internal networks.

In August last year, Microsoft reported that it observed a Russian state-sponsored hacking crew using Internet of Things (IoT) smart devices as launching points for other attacks on corporate networks.

The Russian hackers tried to exploit a VOIP phone, an office printer, and a video decoder, Microsoft said, but the NSC Linear eMerge E3 devices are just as attractive targets, primarily due to the high severity of the ten security bugs disclosed last year.

System administrators managing networks were NSC Linear eMerge E3 devices are installed are advised to take these systems off the internet, or at least limit access to these devices using a firewall or VPN.

About the author

E-Crypto News was developed to assist all cryptocurrency investors in developing profitable cryptocurrency portfolios through the provision of timely and much-needed information. Investments in cryptocurrency require a level of detail, sensitivity, and accuracy that isn’t required in any other market and as such, we’ve developed our databases to help fill in information gaps.

Related Posts

E-Crypto News Executive Interviews



bitcoin
Bitcoin (BTC) $ 61,303.00
ethereum
Ethereum (ETH) $ 4,113.60
binance-coin
Binance Coin (BNB) $ 481.70
tether
Tether (USDT) $ 1.01
cardano
Cardano (ADA) $ 2.15
solana
Solana (SOL) $ 195.01
xrp
XRP (XRP) $ 1.10
polkadot
Polkadot (DOT) $ 43.69
usd-coin
USD Coin (USDC) $ 1.01
dogecoin
Dogecoin (DOGE) $ 0.248788
USD
EUR
GBP
bitcoinBitcoin (BTC)
$ 61,303.00
ethereumEthereum (ETH)
$ 4,113.60
tetherTether (USDT)
$ 1.01
bitcoin-cashBitcoin Cash (BCH)
$ 628.67
litecoinLitecoin (LTC)
$ 197.43
bitcoinBitcoin (BTC)
52.645,48
ethereumEthereum (ETH)
3.532,66
tetherTether (USDT)
0,867363
bitcoin-cashBitcoin Cash (BCH)
539,89
litecoinLitecoin (LTC)
169,55
bitcoinBitcoin (BTC)
44,486.05
ethereumEthereum (ETH)
2,985.14
tetherTether (USDT)
0.732932
bitcoin-cashBitcoin Cash (BCH)
456.21
litecoinLitecoin (LTC)
143.27

Automated trading with HaasBot Crypto Trading Bots

Crypto Scams

Behind The Scenes: How this Crypto Community Responded to + $50m Hack
October 18, 2021
Crypto Scams
Crypto Scams Still Persistent In 2021, SEC Warns About Red Flags To Watch
September 9, 2021
Poly Network
Here’s How Hackers Stole Over $600 million in the Poly Network Attack
August 12, 2021
The World’s Most Infamous Crypto Hacks and Scams
July 31, 2021
Cryptocurrency Exchanges
Cryptocurrency Exchanges and the Plague of Scams and Bans
June 29, 2021

Blockchain/Cryptocurrency Questions and Answers

ICo Presale
The Science Behind ICO Presales…
October 14, 2021
Beginner’s Guide to Investing in Cryptocurrency
August 9, 2021
Short-Sell Cryptocurrency
How to Short-Sell Cryptocurrency: A Brief Overview
July 17, 2021
Klaytn
What Is Klaytn (KLAY) And How Does It Work?
July 16, 2021
Cryptocurrencies
Our Crypto Roundup Interview Asks- Do Cryptocurrencies Have a Future?
July 15, 2021


CryptoCurrencyUSDChange 1hChange 24hChange 7d
Bitcoin61,205 0.03 % 0.23 % 0.06 %
Ethereum4,104.0 0.34 % 2.22 % 6.47 %
Binance Coin481.05 0.01 % 0.52 % 2.83 %
Tether0.9986 0.03 % 0.08 % 0.23 %
Cardano2.150 0.33 % 1.13 % 1.79 %
Solana193.89 0.82 % 3.68 % 22.50 %
XRP1.090 0.20 % 0.16 % 4.15 %
Polkadot30.87 2.19 % 17.29 % 10.73 %
Dogecoin0.2488 0.39 % 0.56 % 4.29 %
USD Coin1.000 0.14 % 0.20 % 0.17 %

bitcoin
Bitcoin (BTC) $ 61,303.00
ethereum
Ethereum (ETH) $ 4,113.60
binance-coin
Binance Coin (BNB) $ 481.70
tether
Tether (USDT) $ 1.01
cardano
Cardano (ADA) $ 2.15
solana
Solana (SOL) $ 195.01
xrp
XRP (XRP) $ 1.10
polkadot
Polkadot (DOT) $ 43.69
usd-coin
USD Coin (USDC) $ 1.01
dogecoin
Dogecoin (DOGE) $ 0.248788