We have discussed the impact of the “Internet of Things” or “IoT” in our previous posts, and further in more detailed papers regarding both the benefits and the potential security challenges associated with such devices. The cyber attack last week responsible for bringing down the websites of Twitter, Spotify and Reddit further underlines that potential vulnerabilities with connected devices should not be underestimated.
This latest attack shows the cyber risks associated with IoT are very real. In this instance, reportedly using the malware “Mirai” which enlists the help of vulnerable IoT devices (such as those with easy to guess factory default usernames and passwords) to carry out a “denial of service” attack by sending bogus requests to online targets until they cannot respond to legitimate visitor to the site.
So what can be done?
Our research from the Global Threat Intelligence Report noted that the security perimeter is shifting – with seven of the top 10 vulnerabilities now residing on the endpoint. Awareness of the importance to secure mainstream corporate devices such as PCs, laptops and smartphones is increasingly commonplace although, with the increase of IoT, it is essential that these devices are also managed in line with the organisation’s overall cybersecurity strategy.
This latest example amplifies the need to put in place the basics – don’t use the factory pre-sets for usernames and passwords. Changing them as soon as possible can help prevent the opportunistic use of your IoT in a cyber attack.
Shining the light on a guilty toaster may be seen as a little flippant, but the fact is that any connected device could potentially be exploited to play a role in a cyber attack if it is not secured and continually monitored for abnormal behaviour on the network.
If the basics are not in place to ensure it is adequately secured and there is little or no visibility of its behaviour on the network, the chilling reality is that it could be used for cyber attacks. More worrying still is that the damage it creates may go unnoticed until it is too late.
DDoS attacks are typically aimed at a single website. Friday's attack on Dyn, which acts as a directory service for huge numbers of firms, affected several of the world's most popular websites at once.The use of internet-connected home devices to send the attacking messages is also a relatively new phenomenon, but may become more common.