Cyberattackers Are Targeting IOT Devices: How Do You Defend Yourself?
A new threat group, called “STRONTIUM”, was recently discovered by the Microsoft Threat Intelligence Center (MSTIC). In April 2019, this cyberthreat infiltrated private company networks through 3 different IoT devices – a VoIP phone, printer, and video decoder.
The Microsoft researchers reported that the devices were compromised as a result of the devices running out-of-date software. Furthermore, it was discovered that the log-in credentials on some of the hacked devices were also left on factory defaults, making them vulnerable to compromise.
Once the threat had infiltrated a company’s network, it would carry out a network scan to locate other devices that are vulnerable, and spreading itself to these new devices. It was also discovered that the hacked devices were communicating with an external device controlled by the attackers.
It was discovered that common devices that were used for initial infiltration included office VoIP phones and printers. Infected devices are often used by cyberattackers in a network known as a botnet. A botnet is a network of devices controlled by a cyberattacker for malicious activity, including mounting DOS attacks, sending spam, or stealing data.
Microsoft reported that in the past year, it had notified close to 1400 companies affected by the STRONTIUM threat.
The FBI noted that VPNFilter, a malware that was prominent in May 2018, was also related to the STRONTIUM vulnerability. That month, technology company Cisco reported that half a million IoT devices worldwide were infected with VPNFilter, with affected brands including NETGEAR, Linksys, and TP-Link.
What can you do to protect yourself and your IoT Devices?
As shown by the attacks described above, cyberattackers are looking to exploit more simple devices to intrude into victims’ networks. One of the most effective method of protecting yourself against this is by ensuring that the default credentials used to log into the device are changed.
To further protection, you can also segment your network, disconnecting your IoT devices from your more critical systems. This way, if an attacker does gain access to your IoT devices they will still not be able to access your administrative systems.
GIGE Corporation can help you protect your devices from cyberattack. Contact us today at +1 888 366 4443 or firstname.lastname@example.org for more information.