A newly discovered cyber vulnerability known as Devil’s Ivy (or CVE-2017-9765) is exploiting vulnerabilities in some Internet of Things (IoT) devices. So far, Devil’s Ivy is more annoying than apocalyptic.
Devil’s Ivy is a stack buffer overflow vulnerability identified by Senrio, a U.S.-IoT security firm based in Portland, Oregon. The company first issued information about this on their website on July 18, 2017. The bug was discovered when analyzing IP cameras. The vulnerability Devil’s Ivy got its name because, just like the plant, it is nearly impossible to kill and spreads quickly through code reuse. In fact, according to Senrio, tens of millions of systems could be affected. Its source in a third-party toolkit downloaded millions of times means that it has spread to thousands of devices and will be difficult to entirely eliminate.
“Security systems are often on separate networks and/or not managed by the IT Department. This leaves security technologies prone to attacks and minimizes the likelihood of a breach being detected. Implementing security technologies that inherently have cyber defenses built into the platform fills one more gap when building a comprehensive cyber defense.”
– Brian Lipscomb, Manager, Advanced Cyber Solutions, Convergint Technologies
Devil’s Ivy Risks
When Devil’s Ivy is exploited, it enables hackers to access a surveillance camera’s video feed and prevent anyone else (including the owner) from accessing the feed. The weakness could also be used to install malware on the target camera, and the worst part is that all of these things could be done remotely.
This creates serious danger for places that use security cameras as a major safety tool, and facilities such as banks are especially at risk. Cyber-criminals could hack into a bank’s security camera feed and use it to make robbing the bank an easier task. They could stop others from accessing the video feed, manipulate it so that it doesn’t show the crime, or they could delete it to remove evidence.
The Solution: Razberi CameraDefense™
Razberi CameraDefense™ cybersecurity software works in conjunction with Razberi ServerSwitchIQ™ intelligent surveillance appliances to automate best-practice camera hardening and system protections. It provides security managers and integrators with an intuitive dashboard to identify vulnerabilities and reduce installation time while ensuring consistent cybersecurity policies and protections are implemented immediately and ongoing.
It helps security leaders:
- Block unauthorized Internet of Things (IoT) devices: Binds cameras and other IoT security devices to the network and prevents unauthorized devices from using Ethernet ports.
- Limit access to cameras: Restricts camera access to white-listed IP addresses, blocks camera traffic to the public Internet, and flags weak passwords.
- Protect from cyber attack: Denies unneeded and potentially dangerous camera services with a next-generation firewall.
Devil’s Ivy is but one of many potential vulnerabilities that hackers will sniff out to find their way into a surveillance and ultimately enterprise data network. Security leaders need the right automated tools; and solutions can make it easier to lock down any vulnerable camera, scale it across hundreds or thousands of cameras, and to gain better visibility and health monitoring into potential vulnerabilities.