Shodan - "Black" Google To Find Security Exploits And Vulnerabilities
«When people can't find something on Google, they think that, probably, no one will be able to find it. But that isn't so», - claims John Matherly, the founder of Shodan, the most dangerous search engine on the Internet.
Unlike Google, which looks for ordinary websites on the web, Shodan works with, let's say, “deeper” data. It is a kind of “black” Google, which looks for servers, webcams, printers, routers and other devices connected to the Internet. Shodan works 24/7 and gathers information on more than 500 million devices monthly.
It is incredible, but you can find millions of unprotected devices with Shodan using a simple search query. Numerous traffic lights, security cameras, home automation systems, heating systems – they are all connected to the Internet and can be easily detected. So, wireless Internet security is a myth.
Shodan users have already discovered the controls of a water park, several gas stations and even a crematorium. Cybersecurity specialists have even detected the control systems of a nuclear power plant and an atomic particle accelerator. And the worst thing here is that only a few of those systems have any sort of security in place.
“It is a giant fiasco in the sphere of security”, - says H.D. Moore, security chief at Rapid7. That company has its own private database of security loopholes, like the one Shodan gathers, and uses it for its own scientific purposes.
If you run a simple search query with the keywords “default password”, you will get millions of printers, servers and control stations with the login “admin” and the password “1234”. Even more such connected systems have no access protection at all, and literally anyone is able to hack them with nothing more than a simple Internet browser.
Dan Tentler, an independent system penetration specialist, showed at Defcon last year how he was able to detect and hack the controls of evaporative coolers, water boilers and even garage doors. He also found an automated car wash, which he was able to turn on and off, and an ice arena in Denmark, which could be defrosted in one click.
One city in Europe had the whole control system for its traffic lights connected to the Internet, and one command was all that was needed to put it into maintenance mode. In that state it would be at a hacker's total disposal. Also, a hydro power plant was discovered in France, with two turbines of 3 megawatts each. “One can do a lot of harm with that”, - Tentler says, but we at Jammer-Store think that he has put it mildly.
So why are all those devices connected to the World Wide Web with barely any protection? In some cases, such as iPhone-controlled car alarms and door locks, people think that the devices are really hard to find. And that's why they don't really consider security measures.
A far greater problem here, at least as we see it, is that many of those devices should not be connected to the Internet at all. Many enterprises frequently buy devices that enable remote control of, let's say, a heating system. And how do you connect that system to a computer? In most cases it is much easier to connect them both to a web server, which automatically opens a way in for hackers.
But we can tell you that Shodan is being used for good reasons. Security specialists, researchers and law enforcement are the main users of that unique search engine. Matherly agrees that “bad guys” may use it to look for their targets too, but he adds that hackers always have access to botnets, whole networks of infected computers that are able to do the same while remaining unnoticed. Nowadays, most cyber attacks are aimed at stealing money or intellectual property. Hackers still rarely try to do harm by blowing up a printer or turning off traffic lights.
Cybersecurity specialists try to avoid those scenarios, and they look for vulnerabilities in Internet-connected devices with Shodan. They also recommend using 2.4 GHz signal blockers if you have any wireless equipment at home. And in the meantime, lots of devices connected to the Internet without any protection are waiting for an attack.