April 1, 2019 |

IoT threats: same hacks, new devices

F-Secure finds IoT threats and attacks are increasing, but rely on well-known security weaknesses

Helsinki, Finland – April 1, 2019: The internet of things explosion has proven controversial due to the insufficient security measures in many of these internet-connected devices. And a new report from cyber security provider F-Secure finds that threats and the number of attacks continue to increase, but still rely on well-known security weaknesses, such as unpatched software and weak passwords.

The report, using data collected and analyzed by F-Secure Labs, highlights that threats targeting internet-connected devices are beginning to multiply more rapidly than in the past. The number of IoT threats observed by F-Secure Labs doubled in 2018, growing from 19 to 38 in the space of a single year. But many of these threats still use predictable, known techniques to compromise devices. Threats targeting weak/default credentials, unpatched vulnerabilities, or both, made up 87% of observed threats.

F-Secure Operator Consultant Tom Gaffney says that larger device vendors are paying more attention to security than in the past, but there’s a lot of devices from many different manufacturers that don’t offer consumers much in the way of security or privacy.

“The big guys like Google and Amazon have made strides in their smart home products with the help of massive backing and ethical hackers like our own Mark Barnes, who executed the first proof of concept for a hack of an Echo in 2017,” said Gaffney. “But for years manufacturers have been releasing products without giving much thought to security, so there’s a lot of ‘smart’ devices out there vulnerable to relatively simple attacks.”

IoT threats were rarely encountered before 2014, the report explains. But that changed around the time the source code for Gafgyt – a threat that targeted a variety of IoT devices, including BusyBox devices, closed-circuit television (CCTV) devices and many digital video recorder (DVR) devices – was released.

In October 2016, Mirai, which was developed from Gafgyt’s code, became the first IoT malware to achieve global infamy when its massive botnet was used to launch one of the largest distributed denial-of-service attacks in history.

Mirai’s code has been public “for Research/IoC Development Purposes” since 2016.** Originally, it used 61 unique combinations of credentials used for infections. Within three months, that number had reached almost 500. And it’s incredibly prevalent as a malware family. Approximately 59 percent of attack traffic detected by F-Secure’s honeypot servers in 2018 targeted exposed telnet ports, with Mirai’s attempts to spread as the main culprit behind the attacks.

According to F-Secure Labs Principal Researcher Jarno Niemela, the root cause of many of the IoTs problems starts with the manufacturers’ supply chains.

“Most device vendors license software development kits for the chipsets they use in their smart cameras, smart appliances, and other IoT devices. That’s where the vulnerabilities and other issues are coming from,” explains Niemela. “Device vendors have to start asking for more in terms of security from these suppliers, and also be prepared to issue updates and patches as they become available.”

F-Secure’s report, IoT threat landscape: same hacks, new devices, also includes:

  • A quick history of IoT threats from the turn of the millennium through 2018
  • An overview of the failures and potential hopes for regulation
  • A look at potential privacy risks associated with IoT devices

The full report is available on F-Secure’s blog.

*Source: https://threatpost.com/threatlist-83-of-routers-contain-vulnerable-code/137966/

**Source: https://github.com/jgamblin/Mirai-Source-Code

 

About F-Secure

Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cyber crime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers.

Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.

f-secure.com | twitter.com/fsecure | facebook.com/f-secure

 

F-Secure media relations

Adam Pilkey

+358 40 637 8859

Latest Press Releases

July 11, 2019

If AI could feel, it would fear cyber attacks from people

New report from EU research group says attacks against AI systems are already occurring, difficult to identify, and potentially far more common than currently understood

July 10, 2019

F-Secure’s new Global Partner Program unifies technology, training, and benefits

Program aims to help IT resellers bring new cyber security capabilities focusing on detection and response to more organizations

June 26, 2019

F-Secure’s new unit focuses on ‘Goldilocks zone’ of tactical defense

Unit head Christine Bejerasco says team’s medium-term focus ensures F-Secure’s products and services proactively evolve to stay a step ahead of attackers

June 14, 2019

F-Secure Countercept premieres at U.S. Gartner Security & Risk Management Summit 2019

F-Secure is showcasing Countercept, its award-winning, flagship managed detection and response service in America.

%d bloggers like this: