Weaponised IoT attacks: what does the future hold?

CCTV Handbook 2017 Editor's Choice, Information Security

The explosion of connected devices onto our networks is fuelling our imaginations and inspiring incredible visions for the future. There is limitless potential in being able to connect and integrate our cars, houses, appliances, and everything else we own.

We’re falling in love with the so-called Internet of Things (IoT): from the simple example of a connected fridge reordering the milk when it’s running low, to the more sophisticated business realm of connected trucks that process inventory, firing off automated chain reactions within the operations.

Gartner expects we’ll see over 20 billion connected devices by 2020 – promising to fundamentally change the way we live and work. But on the other side of the coin, it thrusts us into a new realm of cyber threats. Suddenly, it’s possible to weaponise hundreds of thousands, millions, or even billions of IoT devices – creating marauding zombie armies that haul servers down with sustained DDoS attacks.

Darren Anstee, chief security technologist at Arbor Networks, explains that: “IoT botnet cybercrime capitalises on weak default passwords of many mass-market surveillance cameras, routers and digital video recorders, infiltrating them with malware and then using them to launch well-orchestrated DDoS attacks.

“Last year we saw the first expression of the now infamous Mirai botnet attack. Mirai represents a new high-water mark in the cyber criminal community. It points towards a number of worrying trends for the future,” Anstee adds.

So, just how will these attacks evolve?

Increased use of reflection amplification

The first wave of IoT botnet attacks may not have used DNS amplification or reflection, but as companies raise their guard, these advanced techniques will be woven into botnet attacks, allowing attackers to multiply their attack traffic many times over. By continually scanning networks for new, insecure IoT devices, and then amplifying their presence, hackers are able to flood their victims’ networks with incredible force.

“Weaponised IoT attacks will become more subtle and stealthy than the bold and ground-breaking Mirai bot – which was more about making a statement than it was about actual financial gain,” notes Anstee.
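From the defender's side, reflected DNS traffic has a recognisable shape in flow data: responses from port 53 arriving at a host that never sent the matching query. The sketch below is an added example, not code from the article or from Arbor Networks; the flow tuple layout, the `10.` internal prefix, the five-second window and the sample records are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample flow records (illustrative, not taken from the article):
# (time_s, src_ip, src_port, dst_ip, dst_port, proto, bytes)
FLOWS = [
    (0.0, "10.0.0.5", 40000, "198.51.100.1", 53, "udp", 70),    # query
    (0.1, "198.51.100.1", 53, "10.0.0.5", 40000, "udp", 180),   # its answer
    (1.0, "203.0.113.7", 53, "10.0.0.9", 33333, "udp", 3900),   # never asked for
    (1.0, "203.0.113.8", 53, "10.0.0.9", 33333, "udp", 4000),   # never asked for
    (1.1, "203.0.113.7", 53, "10.0.0.9", 33333, "udp", 3900),   # never asked for
    (2.0, "10.0.0.5", 40001, "198.51.100.1", 53, "udp", 70),    # query
    (9.0, "198.51.100.1", 53, "10.0.0.5", 40001, "udp", 180),   # answer after window
]

INTERNAL_PREFIX = "10."   # assumption: protected hosts live in 10.0.0.0/8
WINDOW_S = 5.0            # assumption: a genuine answer arrives within 5 s


def find_reflected_dns(flows, window=WINDOW_S, min_responses=2):
    """Summarise DNS responses that answer no query the destination sent."""
    pending = {}  # (client_ip, client_port, resolver_ip) -> query time
    hits = defaultdict(lambda: {"responses": 0, "bytes": 0, "resolvers": set()})
    for ts, src, sport, dst, dport, proto, size in sorted(flows):
        if proto != "udp":
            continue
        if dport == 53 and src.startswith(INTERNAL_PREFIX):
            pending[(src, sport, dst)] = ts          # outbound query seen
        elif sport == 53 and dst.startswith(INTERNAL_PREFIX):
            asked = pending.pop((dst, dport, src), None)
            if asked is None or ts - asked > window:  # unsolicited or stale
                hit = hits[dst]
                hit["responses"] += 1
                hit["bytes"] += size
                hit["resolvers"].add(src)
    # A single stray answer is noise; report only hosts above the threshold.
    return {ip: h for ip, h in hits.items() if h["responses"] >= min_responses}


if __name__ == "__main__":
    for victim, h in find_reflected_dns(FLOWS).items():
        print(victim, h["responses"], "responses,", h["bytes"], "bytes from",
              len(h["resolvers"]), "resolvers")
```

The per-host byte total and the number of distinct resolvers are the figures worth alerting on, since a reflection flood shows up as many large answers from many sources to one destination.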

Lower barriers to entry

IoT attacks are actually not that difficult to pull off. For this reason, they’re popping up at a rapid rate. From universities that are taken offline by breaches to their connected light bulbs and vending machines, to the devastating attack which temporarily took the whole of Liberia offline, there are reports every day of new attacks.

“Systems can be easily compromised with publicly available exploit kits and related information,” reveals Anstee. Barriers to entry are lowered by the relative ease with which someone can develop their own army of botnets, or rent others’ armies on the dark web.

Automation and agility

“What really made the likes of Mirai and its derivatives successful was the release of the Metasploit module, which made automating the recruitment and weaponisation of devices far easier,” he explains.

In the future, we’ll see attacks that leverage automation at every layer and constantly morph their approaches to get the best possible result. For example, while the original Mirai code looked for 61 different usernames and passwords, future iterations may try millions of different passwords.

Ultimately, these types of threats are likely to thrive over the coming years. They exploit weaknesses in two major areas (the hardware of the connected devices themselves, and the lack of DDoS resistance tools within the targeted victim). Because of the nature of these vulnerabilities, it is very hard for governments and ISPs to come together in coordinating an effective response.

It’s a matter that has received attention in senior political echelons, with former US president Barack Obama quoted as saying that future presidents face the challenge of “how do we continue to get all the benefits of being in cyberspace, but protect our finances, protect our privacy? What is true is that we are all connected. We’re all wired now” (http://www.computerworld.com/article/3135285/security/ddos-attack-shows-dangers-of-iot-running-rampant.html).

For more information contact Bryan Hamman, Arbor, bhamman@arbor.net





© Technews Publishing (Pty) Ltd. | All Rights Reserved.