[ti:Report: Millions of Smart Devices Face Risks of Hacking] [by:www.51voa.com] [00:00.00]更多听力请访问51VOA.COM [00:00.04]Internet security researchers say they have identified software weaknesses [00:07.36]that put millions of smart devices at risk for attacks, or hacking. [00:15.36]The security weaknesses, also known as vulnerabilities, [00:20.52]could be used by hackers to attack business or home computer networks. [00:28.48]The report, by cybersecurity company Forescout Technologies, [00:34.44]says the affected devices were built by an estimated 150 manufacturers. [00:43.44]Many devices are designed for personal use and include the ability [00:49.56]to control home cameras and temperature controls from a distance, the report said. [00:58.36]Companies use similar devices in security systems, [01:03.08]heating and cooling equipment, printers and servers. [01:09.00]There is no evidence that any attacks [01:12.28]have already been carried out on the vulnerable devices. [01:17.64]But the risks pointed out in the report [01:21.00]led the U.S. Cybersecurity and Infrastructure Security Agency (CISA) [01:26.92]to issue an advisory warning. [01:31.16]In the advisory, CISA suggests that defensive measures [01:36.88]should be taken to lessen the risks of hacking. [01:42.08]Specifically, the agency said industrial control systems [01:47.20]should not be accessible from the internet [01:50.60]and should be separated from company networks. [01:55.20]Awais Rashid is a computer scientist at Britain's [01:59.84]Bristol University who examined the report's findings. [02:06.08]He told The Associated Press that in the worst case, [02:11.20]control systems that drive “critical services” - such as water, [02:16.28]power and self-operating building equipment - could be damaged. [02:22.76]Rashid said the discovery shows the dangers cybersecurity experts [02:29.16]often find in internet-linked devices [02:33.04]designed without much attention to security. [02:38.32]Careless programming by developers [02:41.08]appears to be the main issue in this case, he added. [02:47.04]Dealing with the problem is especially complex because the vulnerabilities [02:53.08]are found in so-called open-source software. [02:58.56]Open-source means the software is free to use [03:02.60]and that the program that was first created can be changed by anyone. [03:09.44]In this case, the issue relates to internet software [03:13.88]that runs communications through a technology called TCP/IP. [03:21.64]This technology uses a set of rules [03:25.04]that control the connection of computer systems to the internet. [03:30.88]Elisa Costante is vice president of research for Forescout. [03:37.88]She told the AP the fact that open-source software [03:43.04]is not owned by anyone makes the problem difficult to solve. [03:49.40]In addition, some of the vulnerable TCP/IP methods used [03:55.00]are twenty years old. [03:57.92]This means it is up to device manufacturers [04:01.48]to fix the vulnerabilities themselves [04:04.80]and some may not have the time or money to do so, Costante said. [04:11.56]“The biggest challenge comes in finding out what you've got,” [04:16.32]said Bristol University's Rashid. [04:20.44]The vulnerabilities could leave business networks [04:24.04]open to destructive denial-of-service attacks. [04:29.28]Computer systems could also be infected with ransomware [04:34.24]or other tools that permit attackers to take over devices. [04:39.56]Experts say the risks are even higher now [04:43.80]with so many people working from home during the coronavirus pandemic. [04:50.32]This could permit attackers to hack into home networks [04:54.84]and use this as a pathway into company networks. [05:00.48]Forescout says it contacted as many device manufacturers [05:05.36]as it could about the vulnerabilities. [05:09.36]It also warned security officials in the U.S., Germany and Japan. [05:16.96]I'm Bryan Lynn. 更多听力请访问51VOA.COM