Hacker Creates Vivid Map Of The Internet


This amazing map is a portrait of the world’s Internet usage on an average 24-hour period in 2012, and you may have unknowingly helped create it. An anonymous researcher created a “botnet” to track Internet location and usage patterns by hacking into about 420,000 Linux computers that used default or no passwords. Never fear, the botnet—nicknamed “Carna” after the Roman goddess of physical health— was harmless. While it pinged information back to the researcher, it made no permanent changes to the machines and did not change passwords. It also uploaded a readme file to the affected machines explaining the project with a contact email and address. Although Carna was a friendly bot, she was still highly illegal.

Using insecure configurations and default passwords to gain access to remote devices and run code on them is unethical, and taking precautions to not interfere with any normal operation of the devices being used doesn’t make it OK,” Rapid7 risk management security researcher Mark Schlosser told InfoWorld via email.

The simple fact that Carna was able to collect data—9TB in all—from so many machines around the world is scary. What happens when the next botnet isn’t a friendly one and is instead used by cybercriminals to infect God knows what into our networks? And according to the researcher who ran Carna, even though the botnet reached about 420,000 clients, the actual number of open devices with default or no passwords was a lot higher.

Approximately 70 percent of all open devices are either too small, don’t run Linux, or only have a very limited telnet interface, making it impossible to start or even upload a binary,” the researcher said on the Internet Census 2012 Web site.

The 420,000 devices Carna hit represented about 24 percent of all the unprotected machines it found. The researcher actually collected unprotected addresses for about 1.2 million devices.

A lot of devices and services we have seen during our research should never be connected to the public Internet at all,” the researcher said. Believe it or not, there were hundreds of thousands of devices you would never think of being connected to the Internet, “like half a million printers, or a million Webcams, or devices that have ‘root’ as a root password.

So not only is the 2010 Internet Survey map hella cool, but hopefully it will wake a lot of people up to the real risks that are out there. Mr. Anonymous Researcher hopes it will raise awareness that, “while everybody is talking about high-class exploits and cyber war, four simple, stupid default telnet passwords can give you access to hundreds of thousands of consumer as well as tens of thousands of industrial devices all over the world.

Of course, like any good vigilante, he (or maybe she) can’t reveal his name, since the whole thing was illegal. And while he was deploying his harmless but illegal Carna bot, he actually came across another not-so-friendly bot called Aidra that distributed denial of service and was running on thousands of the open devices. What did he do? He altered Carna to prevent the Aidra infections. He’s not a criminal, he’s a hero!

The fact is that the state of security on thousands of Internet-connected devices is lower than one would assume,” Schloesser said. “Finding another botnet on a subset of these devices is not surprising at all — other research showed the very concerning state of security on the public internet in the past as well.

And as more devices are connected to the Internet, the problem is only expected to get worse. Right now there may be millions of unprotected computers, printers, Webcams and mobile devices, but soon we may have cars, coffee makers and televisions running off the Web. Anonymous researcher has done us all a favor by pointing out, in vivid imagery, our vulnerability. He shouldn’t be hiding behind a mask. Someone give him a medal!