{"id":1306,"date":"2019-07-24T12:46:35","date_gmt":"2019-07-24T04:46:35","guid":{"rendered":"https:\/\/greycortex.hk\/?page_id=1306"},"modified":"2019-08-19T12:18:53","modified_gmt":"2019-08-19T04:18:53","slug":"use-case-infected-smart-tv","status":"publish","type":"page","link":"https:\/\/greycortex.hk\/zh\/use-case-infected-smart-tv\/","title":{"rendered":"Use Case – Infected Smart TV in Corporate Headquarters"},"content":{"rendered":"
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

Infected Smart TV in\nCorporate Headquarters<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Industry:<\/strong><\/p>

Medium Enterprise<\/p>

Entry Point:<\/strong><\/p>

Infected IoT device<\/p>

Objective:<\/strong><\/p>

Data theft<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t

\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

Primary Detection:<\/strong><\/p>

Anomalies, and repetitive machine-like behavior detected by behavioral analytics features within MENDEL<\/p>

Attack Stopped by:<\/strong><\/p>

Firewall Integration<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t

\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t
MENDEL was installed to monitor the network at the headquarters of a commercial enterprise. As part of an office renovation, the company installed a smart TV in their employee cafeteria. As an IoT device, endpoint security was not installed, but it could still communicate over the entity\u2019s network. MENDEL was able to monitor the device by analyzing its network communications.<\/h5>
MENDEL identified periodic, repetitive communication, including a higher than expected volume of data transfer outbound from the network taking place at this device. MENDEL automatically alerted the security team, who usedMENDEL\u2019s firewall integration to block communications from the device prior to investigation. Using MENDEL\u2019s incident management tools, the team was able to coordinate investigation of the device. The television contained malicious apps which were the cause of the problem, and which were pre-installed on the TV. They were removed.<\/h5>
IoT devices are notoriously dangerous to the larger network over which they communicate. They often feature easily breakable passwords which are unknown to the end user and which are rarely changed (and in some cases, are available via Google search). Endpoint security clients often cannot be installed on IoT devices and they are frequently overlooked by network administrators. MENDEL detects threats from IoT devices just like it detects those from \u201ctraditional\u201d devices \u2013 by modeling their normal behavior and identifying anomalous and possibly malicious events as the threats attempt to take action within the network.<\/h5>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\"\"\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t
\n\t\t\t
<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t

\u4f60\u6709\u4ec0\u9ebc\u554f\u984c\u55ce\uff1f<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

\u8acb\u7559\u4e0b\u60a8\u7684\u806f\u7d61\u65b9\u5f0f\uff0c\u4ee5\u4fbf\u6211\u5011\u6839\u64da\u60a8\u516c\u53f8\u7684\u9700\u6c42\u63d0\u4f9b\u500b\u6027\u5316\u7684\u670d\u52d9\u3002<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t

\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>","protected":false},"excerpt":{"rendered":"

Infected Smart TV in Corporate Headquarters Industry: Medium Enterprise Entry Point: Infected IoT device Objective: Data theft Primary Detection: Anomalies, and repetitive machine-like behavior detected by behavioral analytics features within MENDEL Attack Stopped by: Firewall Integration MENDEL was installed to monitor the network at the headquarters of a commercial enterprise. As part of an office […]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-templates\/fullwidth-content.php","meta":{"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","_crdt_document":"","advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"footnotes":""},"class_list":["post-1306","page","type-page","status-publish","hentry"],"jetpack_shortlink":"https:\/\/wp.me\/PaZ0Rf-l4","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/pages\/1306","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/comments?post=1306"}],"version-history":[{"count":25,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/pages\/1306\/revisions"}],"predecessor-version":[{"id":1926,"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/pages\/1306\/revisions\/1926"}],"wp:attachment":[{"href":"https:\/\/greycortex.hk\/zh\/wp-json\/wp\/v2\/media?parent=1306"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}