Yes, It's Real
The Market Ticker - Commentary on The Capital Markets

2018-05-26 07:00 by Karl Denninger
in Technology

No, folks, the hacking has not let up.

As I've pointed out, my HomeDaemon-MCP machine has been laughing at state-level style nasties for quite some time, with a few "hall of shame" notes in this column.

Now comes this warning from Talos:

For several months, Talos has been working with public- and private-sector threat intelligence partners and law enforcement in researching an advanced, likely state-sponsored or state-affiliated actor's widespread use of a sophisticated modular malware system we call "VPNFilter." We have not completed our research, but recent events have convinced us that the correct way forward is to now share our findings so that affected parties can take the appropriate action to defend themselves. In particular, the code of this malware overlaps with versions of the BlackEnergy malware — which was responsible for multiple large-scale attacks that targeted devices in Ukraine.

This is exactly why you can't have anything that is potentially vulnerable on the public-facing side of the Internet at your home or office.

The list of known problem devices that are being targeted includes a lot of popular WiFi routers, for one, along with NAS devices popular with small and home office users.

I don't think I need to explain why having your office data stash penetrated and stolen is bad, nor why someone getting into your home or small-office WiFi router could easily be catastrophically bad.

The damage that someone can easily do if they get inside what you believe is a "secure" perimeter network, including spying, theft, alteration of data and similar, is typically somewhere between severe and, in the case of a business, literally business-ending.  Never mind the potential exposure if said party then uses your connection to do something severely criminal.  While the common home user is unlikely to get charged, the disruption to your life from having the authorities show up is bad enough; worse, if you're a small business, what happens to your reputation if such a "take-over" is then abused to ship around things like child pornography ought to be enough to keep you up at night.

This sort of problem is not going to go away, and as soon as you allow anything that might matter to you and is on all the time to be behind or in such a "gateway" you are at severe risk.  As soon as those "things" have cloud access or, worse, any sort of connection to your home's security and monitoring (e.g. IP cameras) and are on all the time, the potential for damage is compounded dramatically.

Don't believe for a minute that this problem will get "better" if you do nothing and wait -- it will get worse, much worse, since people keep bringing things like "Home assistant" devices with microphones into their houses that are on all the time.

It's one thing if your laptop is at risk through such a problem since, for most people, a laptop is only on when they're using it, and the rest of the time it's powered down.  It's quite a different matter when you stick something on that same network that is on 24x7, whether you're home or not, and can act in your absence or while you are asleep.
