How do you think things like Google Nest thermostats work? They connect wirelessly to your Internet connection.
Apparently this smart thermostat also had a hidden router built in that allowed it to bridge devices such as the Dominion voting machines in this instance to the outside world.
This is exactly my point. Just because a thermostadt is in the closet doesnt mean anything. There has to be a connection to the outside world for this device to provide an attack vector into the network to the machines.
Oh my.... You apparently don't understand how networks work then. They connect to the local wireless LAN (Local Area Network). Devices on the same network can indeed interact with them locally... but why then do you need to register an account through a third party app for most of them? Because the devices also allow for the app to control the device from OUTSIDE the LAN. Which means that the device needs external internet connectivity for this to occur. If this internet connectivity is available, then it creates an attack vector for hackers to utilize these devices to connect into the local network through the external connection.
There has been no confirmation that the device had a wireless router. The proper terminology would be Access Point (AP), because its not "routing" which is more involved, its simply exposing a wireless connection. Even so, i'm fairly confident that what we are really talking about is that the building had internet connectivity, and a smart thermostat that allowed for external control of the internal climate. Through this combination of connectivity, a hacker could break through (piggybacking) off of the door that the thermostat provides. However, this is all speculation and if the machines were not connected to this local network and therefore my original point stands... Is it possible? Yes, but there is no confirmation other than loosely throwing around terms and concepts.
How do you think things like Google Nest thermostats work? They connect wirelessly to your Internet connection.
Apparently this smart thermostat also had a hidden router built in that allowed it to bridge devices such as the Dominion voting machines in this instance to the outside world.
This is exactly my point. Just because a thermostadt is in the closet doesnt mean anything. There has to be a connection to the outside world for this device to provide an attack vector into the network to the machines.
You don't understand how smart thermostats work then. They're connected to the Internet so they can be controlled remotely via smart phone apps, etc.
This thermostat had a wireless router built in and allowed any devices connected to it to piggyback off its Internet connection.
Oh my.... You apparently don't understand how networks work then. They connect to the local wireless LAN (Local Area Network). Devices on the same network can indeed interact with them locally... but why then do you need to register an account through a third party app for most of them? Because the devices also allow for the app to control the device from OUTSIDE the LAN. Which means that the device needs external internet connectivity for this to occur. If this internet connectivity is available, then it creates an attack vector for hackers to utilize these devices to connect into the local network through the external connection.
There has been no confirmation that the device had a wireless router. The proper terminology would be Access Point (AP), because its not "routing" which is more involved, its simply exposing a wireless connection. Even so, i'm fairly confident that what we are really talking about is that the building had internet connectivity, and a smart thermostat that allowed for external control of the internal climate. Through this combination of connectivity, a hacker could break through (piggybacking) off of the door that the thermostat provides. However, this is all speculation and if the machines were not connected to this local network and therefore my original point stands... Is it possible? Yes, but there is no confirmation other than loosely throwing around terms and concepts.