The IoT security challenge has a lot to do with the way manufacturers forgo security-by-design as they rush products to market.
Security has long been a problem for Internet of Things projects, and the problem is only growing more acute. The latest IBM security report points out that there has been a 5,400 percent increase in recorded IoT vulnerabilities over the number reported just five years earlier.
“Flaws and security holes in IoT devices leave organizations and consumers vulnerable to large botnets of internet-connected things,” the IBM researchers report. They point to the start of the threats dating back to 2016, when the Mirai botnet, “which caused internet-wide disruption, was the first major wake-up call for organizations to acknowledge this type of threat. Since then, Mirai successors such as Aidra, Wifatch, and Gafgyt, which leverage parts of Mirai’s code,51 and newcomers such as the BCMUPnP_ Hunter and Torii botnets have amassed access to hundreds of thousands of devices to spread their Distributed Denial of Service (DDoS) attack malware, coin-mining malware, and spam.”
The researchers “anticipate attackers will continue to target consumer devices, such as routers, CCTV cameras, and IIoT-connected devices such as
smart meters and grids to carry out attacks in 2019 and beyond.” The challenge, they relate, is “manufacturers’ forgoing security-by-design as they rush products to market. Attackers make those products their favorite go-to targets where they can exploit large numbers of devices with the same vulnerabilities.” Also opening up device vulnerabilities: “administrators’ failure to change default passwords and patch vulnerable devices unless these security basics are prioritized by more organizations in the coming year.” Another area of vulnerability is smart city technologies, “such as intelligent transportation systems, disaster management, and the IIoT.”
Another recent industry report also sounds the alarm on IoT device security. Kaspersky, a security vendor, indicates that it has detected up to 105 million attacks on smart devices in the first half of 2019 alone. The company employs honeypots – decoy networks of virtual copies of various internet-connected devices and applications – have detected attacks on IoT devices coming from 276,000 unique IP addresses during this time.
This figure is seven times more than the number found in the first half of 2018 when 12 million attacks were spotted originating from 69,000 IP addresses, Kaspersky says. “Capitalizing on weak security of IoT products, cybercriminals are intensifying their attempts to create and monetize IoT botnets.”
Based on data analysis collected Kaspersky’s honeypots, “attacks on IoT devices are usually not sophisticated, but stealth-like, as users might not even notice their devices are being exploited,” the firm reports. “Botnets can slip through old, unpatched vulnerabilities to the device and control it. Another technique is password brute-forcing.”
Kaspersky recommends that IoT administrators and users be vigilant in installing firmware updates as soon as they are available. “Always change preinstalled passwords,” the researchers add. In addition, “reboot a device as soon as you think it’s acting strangely. It might help get rid of existing malware, but this doesn’t reduce the risk of getting another infection.”