
Will 2017 be the year that IoT threats go mainstream?

03 Feb 2017

The Internet of Things (IoT) is changing the way we live and work forever. It makes us more productive, healthier and happier, and it enables businesses to work smarter, more efficiently and with greater agility. There’s just one problem: from a security perspective IoT devices are fundamentally flawed. And the bad guys are getting pretty good at exploiting them.

Trend Micro predicts that 2017 could see an avalanche of new attacks on consumer-grade smart devices and industrial IoT environments. These systems may be worlds apart. But the effect of compromises on targeted businesses could be similarly devastating.

Mirai: just the beginning?

If 2016 was the year IoT-powered botnets became big news, then the coming 12 months could see the trend finally go mainstream. After the source code of the now infamous Mirai malware was publicly revealed last year, it didn’t take long before the black hats were using it to probe smart home devices for those featuring default usernames and passwords. They were then able to compromise such devices in the tens of thousands to create botnets capable of launching some of the biggest DDoS attacks ever seen.

One allegedly took the African nation of Liberia briefly offline. The most notable targeted the DNS firm Dyn, which had a devastating knock-on effect, taking down its clients – some of the biggest names on the web. The likes of Twitter, Reddit, Spotify and SoundCloud were all affected.

We predict that cybercriminals will this year continue to leverage basic security vulnerabilities in consumer-grade devices like webcams and DVRs to build DDoS botnets. After all, the lukewarm reaction to Mirai among the vendor community has proven that there’ll always be vulnerable devices to exploit. This year, service-based, news, corporate, and political sites will be in the crosshairs of hacktivists and financially motivated attackers using DDoS botnets.

Going industrial

At the other end of the spectrum, we’re likely to see an uptick in highly targeted attacks aimed at compromising Industrial IoT systems, like those found in manufacturing and energy firms. Once again, the precedent has already been set. Ukrainian power stations were disrupted in December 2015 and 2016 by relatively sophisticated attackers, leaving many without electricity.

The risk here is not necessarily of data loss but very real physical harm – because IIoT sits at the intersection of physical and cyber worlds. Hack a connected car and you could cause a major pile-up on the freeway. Successfully hack a power station during the middle of winter and who knows what could happen to residents unable to heat their homes?

Unfortunately, in this sphere too, the products themselves are woefully vulnerable to attack. In fact, supervisory control and data acquisition (SCADA) system vulnerabilities comprised nearly a third (30%) of the total number of vulnerabilities found by Trend Micro TippingPoint in 2016.

So what can we do? We can try to raise awareness of security among consumers and manufacturers, to reduce the easy pickings for the bad guys. And from an industrial standpoint, security bosses should always try to keep mission-critical systems patched and up-to-date, and where possible, air-gapped from the wider internet. Also, ensure you have network IPS in place to detect and block malicious network packets.

As we head into a new year, we’re all going to have to up our game to mitigate the growing IoT security threat.

Article by Ed Cabrera, Trend Micro's chief cybersecurity officer.
