MedGizmo - Always-on IoT devices will create a hacker’s paradise
19.08.2015, 19:11   Silicon Republic

Always-on IoT devices will create a hacker’s paradise

by John Kennedy Auguast 19, 2105

Home routers and other similar internet-connected devices are easy access points for hackers

Behind the silver-lined clouds of opportunity posed by the internet of things (IoT) lurks the harsh reality that a large number of these IoT devices are vulnerable to hacker attacks, particularly distributed denial of service (DDos) attacks.

Depending who you talk to by 2020 anything between 35bn and 50bn devices could be connected to the internet of things.

A new report commissioned by Nexusguard and conducted by Cybersecurity Ventures warns that many IoT devices, especially routers, are likely to be targeted as a jumping off point for hackers.

DDoS is often the first wave attack by hackers who use them to distract companies from more targeted intrusions. They can be exploited during software updates and used as proxy servers to launch attacks on businesses and extort cash.

“IoT brings new layers of interconnectedness and efficiency, but the risks cannot be ignored,” said Steve Morgan, CEO at Cybersecurity Ventures and Editor-In-Chief of the Cybersecurity Market Report and Cybersecurity 500 list of the world’s hottest and most innovative cybersecurity companies.
Vulnerable routers will be the IoT’s Achilles heel

Routers are also being used in Simple Service Discovery Protocol (SSDP) reflection attacks which target unpatched or un-patchable routers.

These SSDP attacks are especially dangerous because they can utilise vulnerable routers to amplify an attack beyond normal bandwidth limits while also hiding the original source of the attack.

“Home routers and other similar internet-connected devices are easy access points for hackers, who can use them to launch DDoS or setup proxies for internet fraud that can shut down ISPs or cripple a business,” said Terrence Gareau, chief scientist at Nexusguard.

“These attacks can be especially harmful to the providers of IoT services, for example if an alarm system is controlled by an app, the attack could completely shut down this capability, rendering the entire service unusable. We’re the dominant player in DDoS and IoT attack prevention and believe it is important to raise industry awareness about the persistent IoT threat.”

Cybersecurity Ventures predicts that by the end of 2017 20pc of businesses will use security services to protect IoT initiatives.

It says the multi-trillion dollar IoT market will increase security research and spending up to 2025.

Many of these devices will rely on shared libraries for firmware and as older devices are no longer supported by manufacturers and patches and fixes cease, there will be increased opportunities for hackers.

According to Nexusguard in the past seven days the company saw 64 internet-based scans for SSDP services.

In a recent attack the company tracked 559 edge devices – devices that provide an entry point into enterprise or service provider core networks – that were being exploited, with more than half located in the US, China, Bulgaria and Russia.

BONUS VIDEO
19.08.2015, 19:11   Silicon Republic
Image by Shutterstock
Views: 571

Disclaimer

When we provide links to other Web resources, the Company is not responsible for the accuracy, usefulness, safety, or intellectual property rights of or relating to such content.

Overview and Analysis

of information from Internet resources. Follow our Instagram Daily Feed @MedGizmo, Twitter Daily Feed @MedGizmo.
© 2016 MedGizmo