Secret information to be dominated within 30 seconds¡¦Remote SW security to have been turned on
Lee Gyung Tak | kt87@ | 2018-01-16 11:13:45
#One smart factory is connected to `internal network (intranet)` with no connection to external internet. The plant manager says it is the only way to prevent sophisticated hacking attacks. This is a scene of the animated `Psychopath` showing the 22nd century futuristic vision that system of judging crime possibility is built.
Recently, the use of remote control and management solutions has increased in both companies and individuals, and security vulnerabilities have been found in related solutions.
According to the security industry, Finnish cyber security firm F. Secure has discovered a security vulnerability in Intel`s remote management program AMT that could allow a hacker to break into a computer and remotely control it in 30 seconds. AMT is a program that enables businesses to remotely manage personal computers and is used in many countries, including South Korea. This flaw is an analysis of the potential security risks of millions of notebooks around the world using AMT.
Meanwhile, these vulnerability hackers can not only access data, but also disable encryption and operating system (OS) security. Especia warned that hackers could penetrate the entire AMT of a company even if only one specific device penetrates it.
"This issue can be unbelievably disruptive," said Harry Shinnonev, senior security consultant. "Even with maximum security measures, the flaw will allow hackers to take complete control of their notebooks."
Not only Intel, but the security problem of remote management solutions is constantly a problem. TeamViewer, representative remote PC control software (SW), is constantly exposed and vulnerable to hackers. Actual hacking cases and damage cases such as unauthorized payment attempts through team viewers in overseas and domestic have occurred. Last year, a Chinese hacker who was hacking Team Viewer and taking over Korean credit card information and collecting KRW 1.2 billion, was arrested by police. Only about 90,000 credit cards were hacked by them.
This remote solution is widely used in various platforms such as security control and Samsung`s Dex Station. Although it can be convenient for the user, it is an analysis that the security of the network is revealed in the process of connection and the risk of obtaining the authority of all terminals connected to the system is high. Security vulnerabilities are often found on printers such as HP and Dell, where remote code is essential.
Industry experts point out that in the Internet of Things (IoT) era, the increasing use of remote solutions in industries such as telecommunications, energy, and manufacturing can make security vulnerabilities more destructive. Especially, in the field of medical care, telemedicine and robotic surgery are popularized, and it should be avoided focusing on the convenience and performance of the related platform.
An expert from the security industry said, "The lesson of Intel CPU security flaws is that when products are buried only in competition for speed and performance, the product design that misses security is inevitably a big problem. Therefore, "Companies will need to have a secure process from development to follow-up so they can survive in the market for a long time."
By Lee Gyung Tak kt87@
[ copyright ¨Ï The Digitaltimes ]
Recently, the use of remote control and management solutions has increased in both companies and individuals, and security vulnerabilities have been found in related solutions.
According to the security industry, Finnish cyber security firm F. Secure has discovered a security vulnerability in Intel`s remote management program AMT that could allow a hacker to break into a computer and remotely control it in 30 seconds. AMT is a program that enables businesses to remotely manage personal computers and is used in many countries, including South Korea. This flaw is an analysis of the potential security risks of millions of notebooks around the world using AMT.
Meanwhile, these vulnerability hackers can not only access data, but also disable encryption and operating system (OS) security. Especia warned that hackers could penetrate the entire AMT of a company even if only one specific device penetrates it.
"This issue can be unbelievably disruptive," said Harry Shinnonev, senior security consultant. "Even with maximum security measures, the flaw will allow hackers to take complete control of their notebooks."
Not only Intel, but the security problem of remote management solutions is constantly a problem. TeamViewer, representative remote PC control software (SW), is constantly exposed and vulnerable to hackers. Actual hacking cases and damage cases such as unauthorized payment attempts through team viewers in overseas and domestic have occurred. Last year, a Chinese hacker who was hacking Team Viewer and taking over Korean credit card information and collecting KRW 1.2 billion, was arrested by police. Only about 90,000 credit cards were hacked by them.
This remote solution is widely used in various platforms such as security control and Samsung`s Dex Station. Although it can be convenient for the user, it is an analysis that the security of the network is revealed in the process of connection and the risk of obtaining the authority of all terminals connected to the system is high. Security vulnerabilities are often found on printers such as HP and Dell, where remote code is essential.
Industry experts point out that in the Internet of Things (IoT) era, the increasing use of remote solutions in industries such as telecommunications, energy, and manufacturing can make security vulnerabilities more destructive. Especially, in the field of medical care, telemedicine and robotic surgery are popularized, and it should be avoided focusing on the convenience and performance of the related platform.
An expert from the security industry said, "The lesson of Intel CPU security flaws is that when products are buried only in competition for speed and performance, the product design that misses security is inevitably a big problem. Therefore, "Companies will need to have a secure process from development to follow-up so they can survive in the market for a long time."
By Lee Gyung Tak kt87@