Tag: Internet of Things

IoT Threats Triple Since 2017

In the first half of 2018, more than 120,000 modifications in malware attacked Internet of Things (IoT) devices — triple the total in 2017 and more than 10 times for 2016, according to a new report by researchers at Kaspersky Labs.

The report shows that simple, brute-force attacks on passwords were still the most commonly used techniques to breach IoT security, making up at least part of 93% of the attacks seen. Those attacks compromised a wide variety of devices, which were then used for malicious cryptocurrency mining, DDoS attacks, the inclusion of devices in botnet threats, and more.

Read more about the findings of the new report on DarkReading.


Five key security tips to avoid an IoT hack

Recently, Russian PIR Bank lost $1,000,000 because of a compromised router that allowed hackers to gain entry into their local network. Why did it happen and how companies can protect themselves?

Malicious IoT hacking incidents are a norm today. That is not surprising, considering that by 2020, the IoT is expected to reach a staggering amount of 20.4 Bn devices. Homes and enterprises using legacy security measures are in danger because of the ever-growing IoT.

Read more about IoT hacking and learn how you can stay safe, on Help Net Security.

IT security teams are being locked out of IoT projects

Trend Micro revealed that organizations around the world are exposing themselves to unnecessary cyber risk by failing to give IT security teams a voice when planning IoT project deployments in enterprise environments.

A survey of 1,150 IT and security decision makers in Germany, France, Japan, the UK and US revealed that 79 percent involve the IT department in choosing industrial IoT solutions, but only 38 percent involve their security teams.

Read more about the disconcerting findings of the new Trend Micro survey on Help Net Security.

Over 3,700 exposed 3D printers open to remote attackers

SANS ISC researchers have discovered thousands of exposed 3D printers that require no password for remote access. The finding is striking since OctoPrint, an open-source web interface for 3D printers that many manufacturers embed in the devices, offers numerous secure ways to remotely access a 3D printer without putting it on the public internet for anyone to abuse.

SANS ISC researcher Richard Porter first warned about the exposed OctoPrint 3D web interfaces after receiving a tip, but then SANS ISC researcher Xavier Mertens took it much further by spelling out what could go wrong with the thousands of exposed 3D printers.

Read more about how thousands of exposed 3D printers open to remote attackers could be used for sabotage, espionage, or spying, on CSO.

New Hakai IoT botnet takes aim at D-Link, Huawei, and Realtek routers

After silently growing in the shadows for months, a new IoT botnet is now making its presence felt online, popping up on more and more security researchers’ radars in the past two weeks. Tracked by the infosec community as Hakai (the Japanese word for “destruction”), this botnet was first spotted in June by security researchers from NewSky Security.

This first version of the botnet was unsophisticated and rarely active, but the botnet started actively hijacking user devices on a consistent basis in July.  Since then, Hakai activity has been steadily going up.

Read more about the Hakai IoT botnet that has been growing in sophistication and silently infecting more and more devices online, on ZDNet.

How Hackers Hit Printers

Networked printers increasingly are becoming targets of hackers as these devices often aren’t secured by enterprises. A new study cited by Booz Allen Hamilton found that of 61% of survey respondents who reported a data loss incident in 2016, at least 50% had at least one such incident linked to a printer. The 2017 survey by Quocirca included 200 companies with more than 1,000 employees.

The security incidents included digitally intercepted print jobs (50%), loss of data from printer hard disks (48%), mailing of documents via multifunction printers to external sources (44%), and printers getting hacked to gain network access (18%).

Read more about the findings of the new study on DarkReading.

4-Year Old Misfortune Cookie Rears Its Head In Medical Gateway Device

Four years after its public disclosure, the Misfortune Cookie vulnerability continues to be a threat. The critical vulnerability was reported initially in 2014 by Check Point researchers, who found it lodged in some versions of the RomPager embedded web server, used for hosting the web-based administration panel by about  200 router models from different makers.

It turns out that the same versions of RomPager affected by the Misfortune Cookie run on different variants of Capsule Datacatptor Terminal Server (DTS) that is part of the medical device information system. The device is used in hospitals to connect bedside equipment (anesthesia and infusion pumps, respirators and IoT products) to the network.

Read more about the new threat posed by the 4-year old Misfortune Cookie vulnerability on BleepingComputer.

IoT failures plague most users worldwide

52% of consumers worldwide are now using Internet of Things (IoT) devices, yet 64% of those have already encountered performance issues – according to Dynatrace. On average, consumers experience 1.5 digital performance problems every day, and 62% of people fear the number of problems they encounter, and the frequency, will increase due to the rise of IoT.

For organizations deploying IoT strategies, these results indicate a critical need to master two things. Firstly, escalating IT complexity, thanks to new cloud technologies, microservices and the pressure to innovate faster. Secondly, the necessity to build out well-planned IoT monitoring and performance strategies to ensure sound application delivery and a great digital experience.

Read more about the findings of the Dynatrace report on Help Net Security.

Mirai IoT Malware Uses Aboriginal Linux to Target Multiple Platforms

Big changes on the IoT malware scene. Security researchers have spotted a version of the Mirai IoT malware that can run on a vast range of architectures, and even on Android devices. This Mirai malware strain is called Sora, a strain that was first spotted at the start of the year.

Initial versions were nothing out of the ordinary, and Sora’s original author soon moved on to developing the Mirai Owari version, shortly after Sora’s creation. It appears that other malware authors took it upon themselves to improve SORA’s code. A Symantec report published today details one such improved Sora version.

Read more about the new version of Mirai malware that is targeting multiple platforms, on BleepingComputer.

7 Serious IoT Vulnerabilities

The security of Internet of Things (IoT) devices, especially those intended for consumer use, tends to fall on a spectrum between “serious concern” and “industry joke.”

Yet the fact is that a growing number of employees have various IoT devices in their homes — where they also could be connecting to an enterprise network to do their work. And that means significant threats loom, both to and through the IoT.

Read about 7 of the most serious IoT vulnerabilities, and learn how you can protect yourself against them, on DarkReading.