The use of malicious software to attack IoT devices like smart home security monitoring systems is rising and growing more sophisticated as cyber criminals take advantage of lax security, Nokia’s Threat Intelligence Report 2019 has warned.
IoT botnets were first seen in meaningful numbers in 2016, the Finnish firm says. A botnet is a system of computers that can be infected with malicious software and controlled by a single computer for doing things like stealing bank account information and shuttering web sites.
Kevin McNamee, director of Nokia’s Threat Intelligence Lab and lead author of the report, said: “Cyber criminals are switching gears from the traditional computer and smartphone ecosystems and now targeting the growing number of vulnerable IoT devices that are being deployed. You have thousands of IoT device manufacturers wanting to move product fast to market and, unfortunately, security is often an afterthought.
“Cyber criminals have increasingly smart tools to scan for and to quickly exploit vulnerable devices, and they have new tools for spreading their malware and bypassing firewalls. If a vulnerable device is deployed on the internet, it will be exploited in a matter of minutes.”
To download the report visit https://pages.nokia.com/T003B6-Threat-Intelligence-Report-2019.html.
Comment
Yossi Naar, co-founder and chief visionary officer at cyber analytics product firm Cybereason, said “The problem with securing hundreds of billions of connected devices is that we must secure hundreds of billions of connected devices. That may seem obvious and slightly nonsensical, but it is the vast attack surface and the potential complexity of the IoT device security challenge that has us all concerned. Yet, and at odds with that potential complexity challenge, is the reality that we must make IoT security simple. Attackers can use IoT devices as routes of attack to move into computers, servers, and company systems so being able to detect a threat’s movement across devices is key. It is also nearly impossible, without using AI, to make sense of all the metadata that is being created.
“Today, we see how cybercriminals can quickly build vast armies of attack bots and launch global security offensives. While the Mirai botnet in 2016 was the most infamous, as routers and IP cameras were taken hostage in the hundreds of thousands, many more IoT botnets have cropped up since then. That includes the Satori IoT malware in December 2017 that amassed a botnet of more than 100,000 routers. And, in July 2018, when another attacker exploited a vulnerability to attack routers and build an 18,000-device botnet in a single day. In other cases, attackers strengthened existing botnets by conscripting IoT devices. The creators of the LizardStresser botnet infamously hijacked 1,300 Internet-enabled cameras to add to an existing network of infected machines.
“Organisations have tended to focus on product features and getting a device to market as quickly as possible. In too many cases security features are considered towards the end of the design process when making a product more secure can mean reducing or eliminating features, or even delaying a product release – outcomes that adversely affect sales. It’s a situation that can end without any winners, with devices released that are inherently insecure. Simply put, security needs to be a primary design consideration, as fundamental as any other measure of performance. There should be a focus on tight mechanisms for strong authentication and the minimisation of the potential attack surface. It’s a fundamental design philosophy that responsible companies have, but it’s not a reflex for all companies – yet.”
