Chad Loder, former co-founder and VP of engineering at Rapid7 and now co-founder and CEO of Habitu8, connected with Sean Martin to share his views on the recently exposed "researcher" toolkit aptly described as an "automated mass exploiter" and named "AutoSploit."
According to Loder, AutoSploit is a small piece of Python code created by a researcher and published on GitHub. The code automates the collection of Internet-connected device data pulled via the Shodan API and feeds that data into an existing automated exploitation tool, Metasploit. Loder describes how this combination, while not the end of the world, connects the exploit framework in Metasploit directly to the Internet at large, essentially creating a mass exploitation toolkit that lowers the bar to entry for many would-be users.
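The defender's counterpart to that data flow is to look at the same Shodan-style records for your own address space before anyone else does. The following is an added example, not AutoSploit's code and not from the interview: it compares constructed Shodan-like host records against a hypothetical inventory of what each public host is meant to expose and flags everything else. The field names (ip_str, port, transport, product) follow Shodan's public JSON schema; the addresses, products and inventory are constructed.

```python
"""Added example: flag unexpected public exposure from Shodan-style host records.
Not part of AutoSploit or the interview; sample data and inventory are constructed."""
import json

# Constructed records resembling Shodan host entries for an organization's IPs.
SAMPLE_RECORDS = json.dumps([
    {"ip_str": "203.0.113.10", "port": 443, "transport": "tcp", "product": "nginx"},
    {"ip_str": "203.0.113.10", "port": 22, "transport": "tcp", "product": "OpenSSH"},
    {"ip_str": "203.0.113.20", "port": 80, "transport": "tcp", "product": "Apache httpd"},
    {"ip_str": "203.0.113.20", "port": 3389, "transport": "tcp", "product": ""},
    {"ip_str": "203.0.113.30", "port": 23, "transport": "tcp", "product": "telnetd"},
])

# Hypothetical inventory: the ports each public host is supposed to expose.
EXPECTED_EXPOSURE = {
    "203.0.113.10": {443},
    "203.0.113.20": {80},
}


def find_unexpected_exposure(records_json, expected):
    """Return sorted (ip, port, product) tuples for services outside the inventory.

    A host missing from the inventory is reported in full: an unknown public
    host is exactly what an indiscriminate scan-and-exploit pipeline finds first.
    """
    findings = []
    for rec in json.loads(records_json):
        ip, port = rec["ip_str"], rec["port"]
        if port not in expected.get(ip, set()):
            findings.append((ip, port, rec.get("product") or "unknown"))
    return sorted(findings)


if __name__ == "__main__":
    for ip, port, product in find_unexpected_exposure(SAMPLE_RECORDS, EXPECTED_EXPOSURE):
        print(f"unexpected exposure: {ip}:{port} ({product})")
```

Run against a real export of your own ranges, the same check turns a one-off review into a recurring attack-surface diff that catches an unpatched ISP router or a forgotten remote-desktop port before a mass exploiter does.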
"It’s akin to keeping the spray paint locked up in the do-it-yourself home improvement store to prevent teenagers from spray painting every wall in town," says Loder. "It's like handing out the spray paint to a bunch of high school kids. It won't hurt anyone, but it can be super annoying."
From a business perspective, organizations will likely see an increased chance of getting hit by a very common exploit. It's more a question of who is doing the attacking than of the amount or type of traffic they will see. Essentially, exploits can be carried out more quickly with this tool. And, where most companies are already struggling, this simply adds to their already-mounting infosec stress.
When it comes to small and medium businesses (SMBs), especially those that use the wireless routers provided by their Internet Service Provider (ISP) and that never get patched or updated, they are probably in for a rude awakening. Loder suggests, however, that this problem shouldn't land on the SMBs' shoulders to bear; information security should be handled for them, just as they get clean power and clean water.