Cybersecurity firm Kaspersky has warned that DDoS (distributed denial of service) attacks orchestrated through IoT botnets are in high demand among hackers, as the company outlines a ‘thriving underground economy on the dark web focused on IoT-related services.’
Kaspersky issued a communiqué that was part research note, part consumer advice. For the former, the company noted that the primary method for infecting IoT devices remains brute-forcing weak passwords, ahead of exploiting vulnerabilities in network services. In the first half of 2023, almost 98% of password brute-force attempts were focused on Telnet, with the rest directed at the more secure SSH.
During the same time period, analysts at Kaspersky’s Digital Footprint Intelligence service found more than 700 ads for DDoS attack services on various dark web forums. Analysts also found services offering exploits for zero-day vulnerabilities in IoT devices, alongside IoT malware bundled with infrastructure and supporting utilities.
The researchers confirmed what many readers of this publication would already have suspected: fierce competition between cybercriminals deploying new strains of IoT malware. Many originate as variants of the most famous – or perhaps, infamous – botnet, Mirai. Kaspersky noted that such competition has driven the development of features aimed at thwarting rival malware, such as implementing firewalls, disabling remote device management, and terminating processes linked to competing malware.
Kaspersky has urged vendors to prioritise cybersecurity for both consumer and industrial devices.
“We believe that they must make changing default passwords on IoT devices mandatory and consistently release patches to fix vulnerabilities,” said Yaroslav Shmelev, a security expert at Kaspersky. “Kaspersky’s report stresses the need for a responsible approach to IoT security, obliging vendors to enhance product security from the get-go and proactively protect users.”
The company outlined several recommendations for protecting industrial and customer IoT devices, from conducting regular security audits of OT systems, to using ICS (industrial control systems) network traffic monitoring, analysis and detection, to remembering to protect industrial endpoints as well as corporate ones.
You can take a look at the full Kaspersky analysis of the IoT threat landscape here.