Did you know? 20 percent of organizations have experienced at least one IoT-based attack in the past three years. You don’t even have to own a smart home or own a smartphone to be impacted by compromised IoT devices. The moment you step outside, you can be watched via compromised wearables and IP cameras.
Fact: Singapore was the third most attacked country according to the latest report by F5 Labs, The Hunt of IoT: Multi-Purpose Attack Thingbots Threaten Internet Stability and Human Life. For example, there were multiple stories of attacks against IoT devices within the vicinity of President Trump during his meetings with Kim Jung-Un in Singapore, as well as with Putin in Finland. These attacks were likely efforts by both adversaries and friendly nations trying to gain access to those meetings through IP cameras, VoIP phones, or video systems within proximity of the targets of interest.
With IoT growing to over 20.4 billion by 2020, and 8.6 billion of these active in the Asia Pacific region, the attack opportunity with IoT is virtually endless. Hackers constantly find new ways to leverage unprotected devices to launch cyberattacks, infecting as many things as they can.
The rise of multi-purpose attack thingbots
The rapid growth of IoT has brought about the rise of Thingbots – botnets built exclusively from IoT devices. Driving this is the fact that building these bots is the ‘in’ thing in the attacker community now, with script kiddies are learning to build bots from YouTube videos to launch damaging DDoS attacks.
Our report found that 74 percent of the thingbots we know about were developed in the last two years. Thirteen thingbots have been discovered in 2018 alone, and they are no longer single- or dual-purpose bots. There has been a shift to multi-purpose attack bots for hire that deploy proxy servers.
The transformation of thingbots into attack platforms is worsening the IoT problem. The “weakest link” in cybersecurity is no longer the human, but the IoT device that is increasingly exploited by attackers due to their poor security and ease of compromise. It’s easier to compromise an IoT device exposed to the public Internet and “protected” with (known) vendor default credentials than it is to trick an individual into clicking on a link in a phishing email.
What’s the impact?
Our homes have been weaponized against us, where smart devices like our TV, oven and are used to spy, collect data or launch attacks. More worryingly, our human life is at stake due to the vulnerability of cellular-connected IoT devices which are gateways into critical infrastructure and systems like police cars, fire trucks and airport operations. By targeting these devices, attackers can impact our health and safety. Control of the digital signage that guides and directs traffic on highways could lead to disastrous results.
Is getting off the grid the only way to privacy?
As our lives become increasingly dependent on IoT devices, the bigger the threat. We expect the IoT attacks we are watching to be building new thingbots and growing the size of thingbots already discovered. Organizations need to be prepared for thingbot attacks by having security controls in place that can detect the bot and scale to the rate at which thingbots can attack. Having bot defense at one’s application perimeter is crucial, as well as having a scalable DDoS solution.
Essentially, better cybersecurity defenses require a concerted public-private effort. Every company needs to prepare themselves for thingbot attacks, every business and government entity with IoT devices deployed should be securing them, and every person should be securing their home.
The Hunt for IoT: Multi-Purpose Attack Thingbots Threaten Internet Stability and Human Life is the fifth volume of F5 Networks’ IoT reports, following the third volume The Growth and Evolution of Thingbots Ensures Chaos. The full report is available here.