Symantec has confirmed cybercriminals are using the Internet of Things to spread malware and create botnets, hijacking IoT devices to carry out distributed denial of service (DDoS) attacks on more profitable targets, usually large companies. To succeed, they need cheap bandwidth and get it by stitching together a large web of consumer devices that are easy to infect because they lack sophisticated security. This is why security has become a key issue for embedded IoT development projects.
- Maxim launches reference design for IoT node security...
- Two factor security IP designed into IoT microcontroller...
- Cybersecurity researchers design a chip that checks iteself...
- Vital end-to-end encryption for embedded IoT appli...
- IoT to hit 27bn devices by 2025 producing 2 Zb of ...
“For this reason, the prpl Foundation advocates for standards in for manufacturers and developers of IoT - in even the smallest of devices. Three basic principles to these standards are using open source - rather than proprietary software, forging a root of trust at the hardware level in embedded systems and exercising security by separation using hardware virtualisation, making it more difficult for criminals to get control,” he said.
More than half of all IoT attacks originate from China and the US, based on the location of IP addresses to launch attacks says Symantec. High numbers of attacks are also emanating from Germany, the Netherlands, Russia, Ukraine and Vietnam. In some cases, IP addresses may be proxies used by attackers to hide their true location.
Most IoT malware targets non-PC embedded devices such as web servers, routers, modems, network attached storage (NAS) devices, closed-circuit television (CCTV) systems, and industrial control systems. Many are Internet-accessible but, because of their operating system and processing power limitations, they may not include any advanced security features.
Although 2015 was a record year for IoT attacks, these are less interested in the victim and the majority wish to hijack a device to add it to a botnet, most of which are used to perform DDoS attacks.
“The primary reason why IoT devices are being hacked and most often added to existing botnets is primarily because there are accessible from the Internet directly,” said Stephen Gates, chief research intelligence analyst at NSFOCUS. “Often, people who deploy an IoT device are simply not deploying them behind firewalls. Instead, they are deploying them in a fashion whereby the devices are completely accessible from anywhere on the Internet. Also, many people are not changing default passwords on these devices. Vendors who develop these technologies try to make them as easy as possible to install to help reduce customer support calls; which can be very costly for the vendor.”
Additional information on Symantec’s IoT research can be found at: http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks
No comments:
Post a Comment