This week on our blog, we have a guest post from Martin Schlatter, CIO & APAC CEO at NTT Security.
Asian organisations, like their counterparts around the world, are under constant attack from an increasingly sophisticated, determined and agile enemy. Phishing attacks, designed as an initial attack vector, followed by various forms of malware, make it difficult to detect and block targeted attacks early in the kill chain. All of these are discussed in further detail in our new Global Threat Intelligence Report (GTIR).
Many attacks affect not only Asian organisations but countless others across the globe. Of the Mirai infections we detected worldwide, some 60% were linked to source IP addresses in Asia.
Mirai is one of the most pernicious threats to have surfaced in recent times. This malware scans the web for IoT systems protected only by factory default or hard-coded log-ins. Once taken over by hackers, these devices are conscripted into a botnet and used to launch devastating DDoS attacks. With more and more businesses using IoT or operational technology (OT) systems without securing them properly, Mirai could be just the first of a new breed of super-powered DDoS botnets.
Is Asia’s IoT under fire? Based on this year’s GTIR, featuring data analysis from over 3.5 trillion logs and 6.2 billion attacks, it is clear that Asian consumers and businesses are failing on a large scale to adequately secure their IoT endpoints.
Why is this important? Well, for one, they could one day be on the receiving end of a Mirai-powered DDoS, knocking key systems offline for extended periods. For another, corporate devices that are compromised participate in such attacks and may be blacklisted, damaging the organisation’s reputation and ability to function effectively online.
It is therefore important to secure IoT devices not only to mitigate DDoS threats but also to lock down other potential cyber attacks. As smart devices and OT systems find their way into the workplace in ever greater numbers, hackers might try to hijack cameras and microphones to spy on users, or craft attacks designed to use the IoT device as a gateway into the corporate network – which could lead to damaging data breaches.
So what can you do to lock down risk? As our GTIR explains, there are several simple steps that can make a real difference. Start by changing the default password on every IoT device to strong credentials that are hard to crack or guess. For corporate IT departments, having a comprehensive and automated patch/configuration management strategy is a must. Always keep systems up to date with available patches where possible, and vet any new devices to ensure they have robust security capabilities built in.
In Asia, two industries were targeted in the vast majority (78%) of all cyber attacks – finance (46%) and manufacturing (32%). These best practices, however, apply to all organisations regardless of industry sector.
For more tips, download our Global Threat Intelligence Report (GTIR): https://www.nttsecurity.com/GTIR2017.