IoT malware attacks becoming more sophisticated – with China and US at the source
Malware and DDoS attacks targeting the Internet of Things (IoT) have “come of age”, according to research released by security provider Symantec – with the US and China at the forefront of it.
The report examines how cybercriminals are taking advantage of unsecured IoT devices to spread malware and create zombie networks, or botnets. China (34%) and the United States (28%) were the most frequent attack origins on Symantec’s specific IoT honeypot by count of unique attackers. Russia (9%), Germany (6%), the Netherlands (5%), and Ukraine (5%) came next, though some distance behind.
The number of IoT threats jumped significantly in 2015 with many of them continuing to be active into this year, Symantec argues. In addition, poor security on IoT devices makes them “soft targets”, and combining that with attackers who are aware of lax IoT security makes for a deadly combination.
Malware attackers take a ‘straightforward’ approach to distribution, the researchers argue, with the most common method being to scan random IP addresses for open Telnet or SSH ports and then make a brute-force attempt to log in.
While the methods are somewhat unsophisticated, the overall ecosystem is certainly becoming more proficient. The most recognisable and prevalent malware families – the ones to look out for – include Linux.Darlloz (aka Zollard), Linux.Aidra / Linux.Lightaidra, Linux.Xorddos (aka XOR.DDos), Linux.Gafgyt (aka GayFgt, Bashlite), Linux.Ballpit (aka LizardStresser), Linux.Moose, Linux.Dofloo (aka AES.DDoS, Mr. Black), Linux.Pinscan / Linux.Pinscan.B (aka PNScan), Linux.Kaiten / Linux.Kaiten.B (aka Tsunami), Linux.Routrem (aka Remainten, KTN-Remastered, KTN-RM), Linux.Wifatch (aka Ifwatch), and Linux.LuaBot.
Symantec set out several key recommendations for users looking to stay protected on their IoT-enabled devices: research the capabilities and security features before purchase, disable the Telnet login and use SSH where possible, use wired instead of wireless connections, and ensure a hardware outage does not leave the device in an unsecured state.
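As an added example (not taken from Symantec's report or from this article), the following Python code shows how a defender could spot the Telnet/SSH brute-force logins described above in device or honeypot logs, and whether a guessing burst ended in a successful login. The log format, the threshold and window values, and the documentation-range IP addresses are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format: time, service, source IP, user, result).
SAMPLE_LOG = """\
2016-09-22T10:00:01 telnet 203.0.113.5 root fail
2016-09-22T10:00:03 telnet 203.0.113.5 admin fail
2016-09-22T10:00:05 telnet 203.0.113.5 user fail
2016-09-22T10:00:07 telnet 203.0.113.5 guest fail
2016-09-22T10:00:09 telnet 203.0.113.5 root ok
2016-09-22T10:02:00 ssh 198.51.100.7 alice fail
2016-09-22T10:30:00 ssh 198.51.100.7 alice ok
2016-09-22T11:00:00 ssh 192.0.2.44 root fail
2016-09-22T11:00:02 ssh 192.0.2.44 admin fail
2016-09-22T11:00:04 ssh 192.0.2.44 user fail
2016-09-22T11:00:06 ssh 192.0.2.44 guest fail
"""

def parse(log):
    """Yield (timestamp, service, source, user, result) for well-formed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines
        ts, service, src, user, result = parts
        yield datetime.fromisoformat(ts), service, src, user, result

def find_bruteforce(log, threshold=4, window=timedelta(seconds=60)):
    """Flag sources with >= threshold failed Telnet/SSH logins inside the window."""
    recent = defaultdict(list)  # src -> failures still inside the sliding window
    flagged = {}
    for ts, service, src, user, result in sorted(parse(log)):
        if service not in ("telnet", "ssh"):
            continue
        if result == "fail":
            recent[src] = [f for f in recent[src] if ts - f[0] <= window]
            recent[src].append((ts, service, user))
            if len(recent[src]) >= threshold:
                entry = flagged.setdefault(
                    src, {"services": set(), "users": set(), "compromised": False})
                for _, svc, usr in recent[src]:
                    entry["services"].add(svc)
                    entry["users"].add(usr)
        elif result == "ok" and src in flagged:
            # A success after a guessing burst means a credential was found.
            flagged[src]["compromised"] = True
    return flagged

if __name__ == "__main__":
    for src, info in find_bruteforce(SAMPLE_LOG).items():
        print(src, sorted(info["services"]), sorted(info["users"]), info["compromised"])
```

A source flagged with `compromised` set is the case to act on first: the device accepted a guessed credential and should be isolated and have its password changed.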
You can read the full post here.