Η Symantec reveals with a new survey, showing how networks of cybercriminals, exploit the elasticity of device security Internet of Things (IoT), with the aim of spreading malware, but also creation zombie networks ή botnets, unknowingly by their owners.
The specialized team Security Response of Symantec, discovered that cybercriminals are invading domestic networks as well as connected devices used by consumers everyday so that attacks can be carried out distributed denial of service (DDoS)towards more efficient targets, usually larger companies. To achieve their purpose they need cheap bandwidth and they achieve this by stitching together a wide range of consumer devices that are easy to infect, since they lack advanced security.
Note that over half of total attacks IoT, come from China and the USA , based on the location of the IP addresses that "show" the starting point of the attacks malware. Also, a large number of attacks come from Germany, the Netherlands, Russia, Ukraine and Vietnam. In some cases, IP addresses are used through proxies, so the attackers hide their true location.
Most lethal attacks malware, target non-personal use devices such as servers, routers, modems, network storage devices (NAS), closed circuit television sets (CCTV), as well as industrial control systems. Many of these systems may have access to Internet, but due to the operating system and limited processing power, they may not have advanced security features.
As the attackers are fully aware of the inadequate security of the IoT, many of them plan in advance the malware which they create, including commonly used passwords that allow them to invade these devices easily. The low level of security in many IOT devices makes them easy targets with victims usually not even knowing they are infected.
Additional findings from her research Symantec include the following:
- 2015 was a record year for the attacks IoT, with a variety of hypotheses in home automation devices and home security devices. However, attacks to date have shown that attackers tend to be less interested in the victim and the majority focus on this device in order to add it to one of botnets, most of which are used to perform attacks DDoS.
- The devices IoT is the primary objective, since they are designed to be linked and "forgotten" after the basic set-up.
- The most common passwords IoT malware, are used to try to connect to devices and as expected, the combination is "root" and "admin", Indicating that default passwords often never change!
- Attacks from multiple platforms IoT we will see them more often in the future as the number of built - in devices connected to the Internet is constantly increasing.
More information about Symantec's IoT research can be found at: http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks