IoT-based Attacks on Rise
Wednesday, September 28, 2016 @ 01:09 PM gHale
One fear with the growth of the Internet of Things (IoT) or the Industrial Internet of Things (IIoT) is that, in device makers’ haste to get capable devices out the door, the devices are lacking in security.
The problem is bad guys know it. That is why attack networks are increasingly taking advantage of lax IoT device security to spread malware and create zombie networks, or botnets.
Cybercriminals are hijacking home networks and everyday consumer connected devices to help carry out DDoS attacks on more profitable targets, usually large companies, according to a report from Symantec’s Security Response team. To succeed, they need cheap bandwidth and get it by stitching together a large web of consumer devices that are easy to infect because they lack sophisticated security. IoT devices are a prime target, since they are designed to be plugged in and forgotten after basic set-up.
IoT devices are coming out at a high rate, many of them delivered by companies with little experience in hardening devices against attack. As a result, they’re falling victim to simple attacks that rely on very poor security in the device.
The most common passwords IoT malware used in attempts to log into devices were, unsurprisingly, the combination of ‘root’ and ‘admin’, indicating that default passwords are frequently left unchanged.
More than half of all IoT attacks originate from China and the U.S., based on the location of IP addresses used to launch malware attacks. High numbers of attacks are also emanating from Germany, the Netherlands, Russia, Ukraine and Vietnam. In some cases, IP addresses may be proxies used by attackers to hide their true location.
Most IoT malware targets non-PC embedded devices such as web servers, routers, modems, NAS devices, CCTV systems, and industrial control systems. Many are Internet-accessible but, because of their operating system and processing power limitations, they may not include any advanced security features.
As attackers are now highly aware of insufficient IoT security, many pre-program their malware with commonly used and default passwords, allowing them to easily hijack IoT devices. Poor security on many IoT devices makes them easy targets, and often victims may not even know they have been infected.
Here are some tips Symantec offered to stay protected:
• Research the capabilities and security features of an IoT device before purchase
• Perform an audit of IoT devices used on your network
• Change the default credentials on devices. Use strong and unique passwords for device accounts and Wi-Fi networks. Don’t use common or easily guessable passwords such as “123456” or “password”
• Use a strong encryption method when setting up Wi-Fi network access (WPA)
• Many devices come with a variety of services enabled by default. Disable features and services that are not required
• Disable Telnet login and use SSH where possible
• Modify the default privacy and security settings of IoT devices according to your requirements and security policy
• Disable or protect remote access to IoT devices when not needed
• Use wired connections instead of wireless where possible
• Regularly check the manufacturer’s website for firmware updates
• Ensure a hardware outage does not result in an unsecure state of the device
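One way to act on the device audit and Telnet/SSH tips above, as an added example that is not part of the original article or Symantec's report: the script checks each device in an inventory for Telnet (TCP 23) and SSH (TCP 22) and lists Telnet-exposed devices first. The device names, the 192.0.2.x documentation addresses, the probe results and all function names are constructed for illustration.

```python
import socket

TELNET, SSH = 23, 22

# Constructed inventory: hypothetical device names on documentation addresses.
SAMPLE_INVENTORY = {"cctv-dvr": "192.0.2.10", "router": "192.0.2.1",
                    "nas": "192.0.2.20", "sensor-hub": "192.0.2.30"}
# Constructed probe results standing in for a live network.
SAMPLE_OPEN = {("192.0.2.10", TELNET), ("192.0.2.1", TELNET),
               ("192.0.2.1", SSH), ("192.0.2.20", SSH)}

def tcp_open(host, port, timeout=1.0):
    """Live probe: True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def sample_probe(host, port):
    """Offline probe that answers from the constructed results above."""
    return (host, port) in SAMPLE_OPEN

def classify(telnet, ssh):
    """Turn observed login services into an action from the tips."""
    if telnet and ssh:
        return "disable Telnet, keep SSH"
    if telnet:
        return "Telnet only: disable or protect remote access"
    if ssh:
        return "ok: SSH only"
    return "ok: no remote login service found"

def audit(inventory, probe=tcp_open):
    """Probe each device and return findings, Telnet-exposed devices first."""
    findings = []
    for device, host in inventory.items():
        telnet, ssh = probe(host, TELNET), probe(host, SSH)
        findings.append({"device": device, "host": host, "telnet": telnet,
                         "ssh": ssh, "action": classify(telnet, ssh)})
    findings.sort(key=lambda f: (not f["telnet"], f["telnet"] and f["ssh"],
                                 f["device"]))
    return findings

if __name__ == "__main__":
    # Pass probe=tcp_open (the default) to check devices you administer.
    for f in audit(SAMPLE_INVENTORY, probe=sample_probe):
        print(f"{f['device']:<11} {f['host']:<11} {f['action']}")
```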