
Will 2017 be the year that IoT threats go mainstream?

03 Feb 2017

The Internet of Things (IoT) is changing the way we live and work forever. It makes us more productive, healthier and happier, and it enables businesses to work smarter, more efficiently and with greater agility. There’s just one problem: from a security perspective IoT devices are fundamentally flawed. And the bad guys are getting pretty good at exploiting them.

Trend Micro predicts that 2017 could see an avalanche of new attacks on consumer-grade smart devices and industrial IoT environments. These systems may be worlds apart. But the effect of compromises on targeted businesses could be similarly devastating.

Mirai: just the beginning?

If 2016 was the year IoT-powered botnets became big news, then the coming 12 months could see the trend finally go mainstream. After the source code of the now infamous Mirai malware was publicly revealed last year, it didn’t take long before the black hats were using it to probe smart home devices for those featuring default usernames and passwords. They were then able to compromise such devices in the tens of thousands to create botnets capable of launching some of the biggest DDoS attacks ever seen.

One allegedly took the African nation of Liberia briefly offline. The most notable targeted the DNS firm Dyn, which had a devastating knock-on effect, taking down its clients – some of the biggest names on the web. The likes of Twitter, Reddit, Spotify and SoundCloud were all affected.

We predict that cybercriminals will this year continue to leverage basic security vulnerabilities in consumer-grade devices like webcams and DVRs to build DDoS botnets. After all, the lukewarm reaction to Mirai among the vendor community has proven that there’ll always be vulnerable devices to exploit. This year, service-based, news, corporate, and political sites will be in the crosshairs of hacktivists and financially motivated attackers using DDoS botnets.

Going industrial

At the other end of the spectrum, we’re likely to see an uptick in highly targeted attacks aimed at compromising Industrial IoT systems, like those found in manufacturing and energy firms. Once again, the precedent has already been set. Ukrainian power stations were disrupted in December 2015 and 2016 by relatively sophisticated attackers, leaving many without electricity.

The risk here is not necessarily of data loss but very real physical harm – because IIoT sits at the intersection of physical and cyber worlds. Hack a connected car and you could cause a major pile-up on the freeway. Successfully hack a power station during the middle of winter and who knows what could happen to residents unable to heat their homes?

Unfortunately, in this sphere too, the products themselves are woefully vulnerable to attack. In fact, supervisory control and data acquisition (SCADA) system vulnerabilities comprised nearly a third (30%) of the total number of vulnerabilities found by Trend Micro TippingPoint in 2016.

So what can we do? We can try to raise awareness of security among consumers and manufacturers, to reduce the easy pickings for the bad guys. And from an industrial standpoint, security bosses should always try to keep mission-critical systems patched and up to date, and where possible, air-gapped from the wider internet. Also, ensure you have network IPS in place to detect and block malicious network packets.

As we head into a new year, we’re all going to have to up our game to mitigate the growing IoT security threat.

Article by Ed Cabrera, Trend Micro's chief cybersecurity officer.
