FBI WARNS ABOUT ATTACKS ON INTERNET OF THINGS DEVICES
Business organizations continue to increase their use of Internet of Things (IoT) devices to improve how they design, produce, and sell products and services. But with increased use comes increased security concerns. Last week the FBI released a public service announcement warning that cybercriminals are actively targeting IoT devices to use as proxies to route traffic for cyberattacks and network exploitation.
IoT devices, often referred to as “smart” devices, connect to the Internet to send or receive data, and include routers, time clocks, audio/video streaming devices, DVRs, IP cameras, network attached storage devices, wireless radio links, and smart garage door openers. Attackers are compromising devices with weak authentication, unpatched firmware or other software vulnerabilities, or by employing brute force attacks on devices with default usernames and passwords.
Compromising the IoT proxy servers provides a layer of anonymity to cybercriminals by transmitting all Internet requests through the victim device’s IP address. Cybercriminals can then send spam e-mails; disguise network traffic; mask Internet browsing; generate click-fraud activities; buy, sell, and trade illegal images and goods; use automated scripts to test stolen passwords from other data breaches on unrelated web-sites; and sell or lease the IoT botnets to others.
Signs that a device may have been compromised include: the device becomes slow or inoperable; a major spike in monthly internet usage; larger than usual Internet bills; unusual outgoing Domain Name Service queries and outgoing traffic; or internet connections running slow.
To protect against these attacks, organizations should:
Regularly reboot devices (most malware is stored in memory and removed upon a device reboot)
Change default usernames and passwords, and then continue to change usernames and passwords frequently
Use up to date anti-virus regularly
Ensure devices are up to date with the latest security patches
Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding
Isolate IoT devices from other network connections