Four main threats that allow you to turn IoT gadgets into an army of botnets

About hacking connected to the network of smart devices now does not write just lazy. And indeed, there are really a lot of problems with IoT gadgets, or rather, with their security. Manufacturers, first of all, worry about the functionality of their devices. In the second - about design. The third is about practicality. And only at the end of the list of priorities is security.

The results of this approach, we all know. This botnets like Mirai, and ordinary hacks of smart gadgets and everything else. But we are talking not only about all sorts of light bulbs, but also about drones, smart-cars and other systems, including industrial ones, which are hacked with significant losses and other dangers.

“IoT devices are simple computers that can be hacked in the same way as regular PCs,” says Patrick Wardle, an information security specialist. Moreover, hacking such a device is simpler than a computer, since it has fewer protection systems (if there are any at all), and the gadget is permanently connected to the Internet.
')
Here are the main security issues for IoT devices. These problems are the most significant, so that their solution will have to focus on.

Exploiting a large number of device vulnerabilities

Most IoT systems are constantly being studied by hackers for possible connectivity. According to José Nazario, the head of one of the companies that deal with information security, in some cases remote connection attempts are made up to 800 times per hour. Usually attackers try to search for gadgets on the network with known vulnerabilities. This often helps the search service Shodan.

Information security specialists, who analyzed the possibility of mass hacking of IoT gadgets, found that on average one such device gets about 400 connection attempts. 66% - successful attempts. When an unprotected IoT device is connected to the network, it can be infected after 6 minutes. “With the advent of more and more unprotected devices, cybercriminals will get more and more resources available for hacking,” says Nazario.

UPNP (Universal Plug-and-Play) Vulnerability Exploitation

Despite the fact that uPNP in some cases is a very convenient technology, it is also a weak link in the gadget protection system. Devices like video cameras work with uPNP to exchange data with a router, accepting incoming connections. “It makes it easy to access them from the outside, but it also makes these gadgets open to the world,” explains Chester Wisniewski, a Sophos specialist.

Well, since the whole world can access these devices, hackers rush to take advantage of this opportunity.

You can correct the situation, for example, if you disable uPNP on your router and smart devices. In some cases, this may complicate work with them, but it will make the system more secure.

Network signal interception

Many IoT gadgets communicate with the server or their users through a cellular network, rather than Wi-Fi. In some cases, it is safer than transferring data over Wi-Fi, but this method is not a panacea. Namely, the cellular network used onboard systems of many smart cars.

And hackers have long been able to exploit vulnerabilities in the protection system of such cars. One of the most famous examples is intercepting the signal of the Jeep Grand Cherokee with the subsequent remote control of the functions of such a car. And all because the machine is constantly in touch, and the Jeep IP systems are open.

Accessing the control functions of the car is as easy as accessing the website. Plus, the machines are not isolated from each other, there are no firewalls, so if desired, an attacker can affect the entire system.

Reverse engineering

For an ordinary person, reverse engineering is a rather complicated thing. But for an experienced cybercriminal, in most cases there are no problems. Of course, most companies are trying to create their own software in such a way that it was extremely difficult to carry out reverse engineering.

But in most cases, this operation is performed by a specialist without any problems, especially if we are talking about an IoT device.

For example, Belkin WeMo systems store their keys and passwords, which are used to confirm the “validity” of access, in their own firmware. And this allows an attacker to fake the firmware by downloading it to the victim device. And the problem is not only with Belkin gadgets, it is more common than it seems.

It is clear that no one wants to see their IoT gadgets in the form of an army of malicious bots that are capable of carrying out powerful DDoS attacks. But here the problem is mainly in the manufacturers - they can solve the problem if they give him enough time. Until this happens, attackers will be able to form huge botnets for DDoS attacks, as happened several months ago, when the most powerful DDoS attack was carried out against several organizations, including Dyn, network security specialist Brian Krebs, etc. Attack power was 620 Gb / s. After this attack, many services became unavailable, the business lost millions of dollars.

PS: We remind you, if it happened that your services became a victim of DDoS attacks or if you want to foresee a way to protect against DDoS, then you might be interested in our Anti-DDoS Protection offer.