Access the latest quantum technology

Quantum technology in Bristol and bath - find out more about how you can access the commercialisation of quantum technology for sensing and security

Friday, September 23, 2016

Symantec identifies IoT security risks

By Nick Flaherty www.flaherty.co.uk


Symantec has confirmed cybercriminals are using the Internet of Things to spread malware and create botnets, hijacking IoT devices to carry out distributed denial of service (DDoS) attacks on more profitable targets, usually large companies. To succeed, they need cheap bandwidth and get it by stitching together a large web of consumer devices that are easy to infect because they lack sophisticated security. This is why security has become a key issue for embedded IoT development projects.
“The nature of many IoT devices is that they are always on and always connected, making them prime targets for attackers to exploit,” said Cesare Garlati, chief security strategist for the not for profit prpl Foundation that is backed by Imagination Technologies. “If we look at the humble light bulb, while it might not seem like a big deal if a single light bulb in a home is breached, what if a hacker could control every one of those light bulbs within a set area to create a power surge that cause a massive black out?”

“For this reason, the prpl Foundation advocates for standards in for manufacturers and developers of IoT - in even the smallest of devices. Three basic principles to these standards are using open source - rather than proprietary software, forging a root of trust at the hardware level in embedded systems and exercising security by separation using hardware virtualisation, making it more difficult for criminals to get control,” he said.

More than half of all IoT attacks originate from China and the US, based on the location of IP addresses to launch attacks says Symantec. High numbers of attacks are also emanating from Germany, the Netherlands, Russia, Ukraine and Vietnam. In some cases, IP addresses may be proxies used by attackers to hide their true location.

Most IoT malware targets non-PC embedded devices such as web servers, routers, modems, network attached storage (NAS) devices, closed-circuit television (CCTV) systems, and industrial control systems. Many are Internet-accessible but, because of their operating system and processing power limitations, they may not include any advanced security features.

Although 2015 was a record year for IoT attacks, these are less interested in the victim and the majority wish to hijack a device to add it to a botnet, most of which are used to perform DDoS attacks.

“The primary reason why IoT devices are being hacked and most often added to existing botnets is primarily because there are accessible from the Internet directly,” said Stephen Gates, chief research intelligence analyst at NSFOCUS. “Often, people who deploy an IoT device are simply not deploying them behind firewalls. Instead, they are deploying them in a fashion whereby the devices are completely accessible from anywhere on the Internet. Also, many people are not changing default passwords on these devices. Vendors who develop these technologies try to make them as easy as possible to install to help reduce customer support calls; which can be very costly for the vendor.”

Additional information on Symantec’s IoT research can be found at: http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks



No comments: