Cyberattack of the clones

Cyberattack of the clones

Cyberattack of the clones

November 27, 2016

In previous research from the Vectra Threat Labs, we learned that seemingly innocuous vulnerabilities can become serious problems in the context of the Internet of Things(IoT). IoT is the unattended attack surface, and more IoT devices means bigger clone armies.

The recentpublic release of source code for malware named "Mirai" has proven exactly that. Mirai continuously scans the Internet for IoT devices using factory default usernames and passwords, primarily CCTV and DVRs.

This attackvector has proven highly successful. Over the last few months, there has been an alarming increase in IoT-based denial-of-service attacks based on variations of IoT-powered Mirai botnets.And Mirai is not the only IoT botnet. There are others. All doing the same thing. All those new smart TVs, cameras, door locks,and maybe even a fridge or two, are going to be the gifts that keep on giving to attackers.

In addition to default usernames and passwords, most IoT devices are shipped to consumers and enterprise with out-of-date, unsecure software that is never updated by manufacturers. IoT devices are also trivial to access with no regulationsor guiding principles mandating how secure they should be. Vectra Threat Labs published research on how a consumer-grade Web cam can be turned into a backdoor to gain entry into the network it's connected to.

Yet the demand forIoT devices continues to grow. Businesses that roll out networked devices should be aware that if these devices communicate out to the Internet, they are all susceptible to remote attackers who will load malicious software on them.

As recent threat activities show, IoT attacks are real andhere for the long term. Large-scale DDoS attacks are difficult to combat for even the largest, most prepared businesses. It is important to be a good Internet citizen (change those passwords!), but more importantly, don'tfall victim to your own camera.

An even greater danger is whenIoT devices start snooping around corporate networks while we're home for the holidays. But there's good news, too.Customers who rely on Vectra for automated threat hunting can detect attacker behaviors and remediate active threats before they do damage.

Networked IoT devices – printers, cameras and even advanced devices like MRI scanners – can pose an alarming cybersecurity risk. While they don’t fit the bill of a traditional network host, they represent fruitful targets and vectors for cyber attackers. In this webinar, we dive into examples of how attackers target and use IoT device vulnerabilities to their advantage. RSVP today! {{cta('e2900b3d-197f-402d-941d-f5568f5024d2','justifyleft')}}

About the author


Vectra® is the world leader in AI-powered network detection and response.

Author profile and blog posts

Most recent blog posts from the same author

Threat detection

How to Track Attackers as They Move to Your Network from the Cloud

December 8, 2020
Read blog post
Security operations

Expertise That Unlocks the Potential within Your Security Operations

July 21, 2020
Read blog post

A Tale of Two Attacks: Shining a Security Spotlight on Microsoft Office 365

October 26, 2020
Read blog post