The FBI announcement warns that bad actors could be using IoT devices as proxies for anonymity and pursuit of malicious cyber activities.
The FBI has issued a public service announcement warning of the potential for serious cyberattacks on IoT networks. The alert warns that cyber attackers often use IoT devices as anonymous proxies to conduct malicious activities. This news comes as no surprise to those in the industry, who’ve expressed concern for years that the IoT’s security issues make it vulnerable to attack.
Hackers and cybercriminals seek and compromise vulnerable IoT devices (smart devices) and turn them into proxies or intermediaries. Cyber attackers use these tools to route malicious traffic for cyber attacks or to exploit unsecured computer networks.
See also: Taking on next-generation cyberattacks with streaming analytics
Common Targeted IoT Devices
The FBI’s warning lists a range of IoT Devices that, when lacking proper security, become attractive targets for cyberattacks:
- Routers
- Wireless radios links
- Time clocks
- Audio/ video streaming devices
- Raspberry PIs
- IP cameras
- DVRs
- Satellite antenna equipment
- Smart garage door openers
- Network attached storage devices
IoT proxy servers attract hackers and cybercriminals because they transmit all internet requests through the device’s IP address, affording a level of anonymity. Hackers prize IoT devices in developed nations because they allow access to business websites that block traffic from foreign or shady IPs. Using an IoT device makes it very difficult to differentiate between malicious and regular traffic.
The alert includes a list of clues that may indicate a compromise. It also includes a list of how best to secure your network and devices, including:
- Using a firewall
- Rebooting devices regularly
- Changing default usernames and passwords
- Keeping firmware updated and installing patches
Without a universal standard, owners must take responsibility for securing their own devices and networks.
