It’s the dawn of a new day and a new year as well. It also means it’s a dawn of new cyber threats as well. Did you know that McAfee Labs saw an average of around 480 new threats emerging per minute during Q3 of 2018? If that doesn’t worry the inner cybersecurity person in you, then how about the fact that most of these threats were by cybercriminals targeting IoT devices?
With the increase in the number of connected devices, our lives are indeed becoming easier. From controlling your home appliances to keeping a check on your inventory whether at home or at work, IoT devices have seen a surge in popularity due to their ease of use and adaptability.
The Fame of IoT devices can be its own downfall
The very surge in popularity of IoT devices is why it’s targeted so much by hackers and other cybercriminals. With Hansa and AlphaBay being taken down, cybercriminals are looking for new entrepreneurial ventures to stay ahead of law enforcement. In case you didn’t know, Hansa and AlphaBay were both online darknet markets that operated on the Tor network. They were both seized and taken down as a result of Operation Bayonet, which was a multinational law enforcement operation.
Hansa and AlphaBayboth were two online darknet markets that wre both seized and taken down as a result of Operation Bayonet (Image Credits: DeepDotWeb)
Despite all this, cybercriminals are looking at new ways to earn a quick (and illegal) quick buck. “Cybercriminals are very opportunistic in nature,” said John Fokker – Head of Cybercriminal Investigations at McAfee. He explained that the cyberthreats that once began as simple chat conversations on hidden forums have now transformed into fully-fledged products and services that are available for hire on underground markets.
Among these are products and services that steal user credentials, stealing credit card details from eCommerce sites, exploiting remote desktop protocols (RDP)s and ransomware as a service. We’ve seen ransomware such as WannaCry and Petya hold entire systems at bay till their ransom was paid or risked the potential loss of data.
From stealing user credentials to exploiting RDPs to ransomware as a service, cyber threats have evolved over time and are even available for hire (Image Credits: Compli)
Something that has not been looked at is the connection between cryptomining and IoT devices. This has been because IoT devices usually lack the processing power to carry out cryptomining. But the thing about IoT devices is that they are all networked. So as the saying goes “small drops make an ocean”.
As such, cybercriminals focused on the growing numbers of IoT devices and have created methods to harness thousands of these devices and create mining supercomputers. According to McAfee Labs report, new malware targeting IoT devices grew 72%. New coinmining malware also grew by almost 55% as well.
Why are cybercriminals targeting IoT devices?
Well, the simple reason is that they are easy to hack into. For example, DDoS attacks increased by 91% in 2017 thanks to IoT. This is because of the growing availability of DDoS-for-hire services (which can be found on the Dark Web) and also the implementation of numerous unsecured IoT devices.
With the increase in the number of IoT devices, especially unsecured IoT devices, cybercriminals are going all out to hack these devices (Image Credits: Smart Cities World)
IOT devices such as Routers, network cameras & DVRs and smart home appliances lack the proper security needed to defend against a DDOS attack. Because these devices are mass produced, a significant portion of these devices ship out with default passwords and their vulnerabilities cannot be get fixed in time. In addition, most IoT devices do not get embedded with any security mechanisms, and a lot of them do not get placed within the traditional IT network.
Developed countries are at a greater risk of attack
IoT devices in developed nations are particularly attractive because they allow access to many business websites that block traffic from suspicious or foreign IP addresses. Cybercriminals can use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic.
Developed countries are at a greater risk of attack. Imagine if all the healthcare records of a country suddenly vanished, or were tampered with? (Image Credits: Breadware)
Some of the malicious activities these IoT devices can be used for spending spam emails, hiding network traffic, and generating ad-revenue click fraud. In addition, the devices can also be infected with a credential-stuffing attack. This would see the device being used as an entry point into a wider network.
Other data collected can include a user’s speech patterns and phrases (Google Assistant or similar along with Smart TVs) and geographical location. Another example can be a smart electricity meter. A hacker could figure out what devices are connected to the meter, which of them are smart devices, and then proceed to bypass your firewall and gain entrance to your PC or laptop through your internet connection.
How does one stay safe when using an IoT device?
It all comes down to the manufacturer and the user. If you’re a manufacturer of IoT devices, you should ensure that your device has proper user authentication. If a device has a vulnerability that can cause a potential breach of data, it is strongly recommended to work on a security patch for it and deploy it. This is so that users of the device can update the firmware on their own devices.
If you’re using an IoT device, one of the most important things you can do is to make sure you’re using a strong username and password for the device. The stronger these are, the more difficult it would be for a cybercriminal to gain access to the device, even with a brute force attack.
Making sure your IoT device has a strong username and password is one of the first steps to protect it. (Image Credits: ISO Republic)
If an IoT device within your network has an update, it is strongly recommended to apply the update. Not only does it make sure that the operating system on the device is protected from the latest malware threats, but it can also increase the performance of the device as well.
Have you tried turning it off and on again?
If your IoT device is infected with malware, sometimes a simple reboot of the device can actually remove the malware. This is because the Malware is stored in the RAM of the device. As RAM is a volatile storage method, a loss of power would essentially wipe out the malware and keep the IoT device safe. Then again, this depends on the type of malware as well. Cybercriminals will always look for more ways to gain access to devices through various loopholes.
Further, a VPN can help protect against DDoS attacks. It does so by protecting the user IP address. This makes it difficult for hackers to launch a targeted attack. Depending on the VPN provider, they also offer dedicated anti-DDoS servers to protect from further DDoS attacks.
A VPN or Virtual Private Network can help communicate between devices safely without being compromised (Image Credits: VPN Unlimited)
As always, constant vigilance is the key. Whether you’re a device manufacturer or a user, ensuring that your device is secured as much as possible will save you from the hassle of being a victim of a cybercriminal. Remember, “an ounce of prevention is worth a pound of cure”.
Do you have any tips on how to secure an IoT device? We would love to hear from you. Leave a comment below.
The post Cybercriminals Are Probably Using Your IoT Devices appeared first on README.