Amount of mal­ware tar­get­ing smart de­vices dou­ble in 2017

Kuwait Times - - TECHNOLOGY -

The to­tal num­ber of mal­ware sam­ples tar­get­ing smart de­vices has reached more than 7,000, with over half of th­ese emerg­ing in 2017, ac­cord­ing Kasper­sky Lab’s re­searchers. With over 6 bil­lion smart de­vices be­ing used across the globe, peo­ple are in­creas­ingly be­ing put at risk from mal­ware tar­get­ing their con­nected lives. Smart de­vices-such as smart watches, smart TVs, routers, and cam­eras - are con­nect­ing to each other and build­ing the grow­ing In­ter­net of Things (IoT) phe­nom­e­non, a net­work of de­vices equipped with em­bed­ded tech­nol­ogy that al­lows them to in­ter­act with each other or the ex­ter­nal en­vi­ron­ment.

Be­cause of the large num­ber and va­ri­ety of de­vices, the IoT has be­come an at­trac­tive tar­get for cy­ber­crim­i­nals. By suc­cess­fully hack­ing IoT de­vices crim­i­nals are able to spy on peo­ple, black­mail them, and even dis­creetly make themtheir part­ners in crime. What’s worse, bot­nets such as Mi­rai and Ha­jime have in­di­cated that the threat is on the rise. Kasper­sky Lab’s ex­perts have con­ducted re­search into IoT mal­ware to ex­am­ine how se­ri­ous the risk is.

They have set up hon­ey­pots - ar­ti­fi­cial net­works, which sim­u­late the net­works of dif­fer­ent IoT de­vices (routers, con­nected cam­eras etc.) to ob­serve mal­ware at­tempt­ing to at­tack their vir­tual de­vices. They did not have to wait long - at­tacks us­ing known and pre­vi­ously un­known ma­li­cious sam­ples started al­most im­me­di­ately af­ter the honey pot was set up. Most of the at­tacks reg­is­tered by the com­pany’s ex­perts tar­geted dig­i­tal video recorders or IP cam­eras (63 per­cent), and 20 per­cent of hits were again­st­net­work de­vices, in­clud­ing routers, and DSL modems, etc.

About 1 per­cent of tar­gets were peo­ple’s most com­mon de­vices, like prin­ters and smart home de­vices. China (17 per­cent), Viet­nam (15 per­cent), and Rus­sia (8 per­cent) emerged as the top-3 coun­tries with at­tacked IoT de­vices, each pre­sent­ing a large num­ber of the in­fected ma­chines. Brazil, Turkey and Tai­wan - all at 7 per­cent, fol­low. To date dur­ing this on­go­ing ex­per­i­ment, re­searchers have been able to col­lect in­for­ma­tion about more than seven thou­sand mal ware sam­ples de­signed specif­i­cally to hack con­nected de­vices. Ac­cord­ing to ex­perts, the rea­son be­hind the rise is sim­ple: The IoT is frag­ile and ex­posed in the face of cy­ber­crim­i­nals. The vast ma­jor­ity of smart de­vices are run­ning op­er­at­ing sys­tems based on Linux, mak­ing at­tacks on them eas­ier be­cause crim­i­nals can write generic ma­li­cious code that tar­getsa huge num­ber of de­vices si­mul­ta­ne­ously. What makes the is­sue dan­ger­ous is its po­ten­tial reach. Ac­cord­ing to in­dus­try ex­perts, there are al­ready more than 6 bil­lion smart de­vices across the globe.

Most of them do not even have a se­cu­rity so­lu­tion and their man­u­fac­tur­ers usu­ally do not pro­duce any se­cu­rity up­dates or new firmware. This means there are mil­lions and mil­lions of po­ten­tially vul­ner­a­ble de­vices - or maybe even de­vices that have been al­ready com­pro­mised. “The is­sue of smart de­vicese­cu­rity is se­ri­ous, and one that we should all be aware of. Last year showed that it is not just pos­si­ble to tar­get con­nected de­vices, but that this is a very real threat. We have seen a huge in­crease in IoT mal­ware sam­ples, but the po­ten­tial is even greater,” said Vladimir Kuskov, se­cu­rity ex­pert, Kasper­sky Lab.

“Ap­par­ently, high com­pe­ti­tion in the mar­ket of DDoS at­tacks is push­ing at­tack­ers to search for new re­sources that will­help them make in­creas­ingly pow­er­ful at­tacks. Bot­net Mi­rai demon­strated that smart de­vices can give cy­ber­crim­i­nals what they need, with the num­ber of de­vices they can tar­get now reach­ing bil­lions. Var­i­ous an­a­lysts have pre­dicted that by 2020, this could grow to 20-50 bil­lion de­vices,” he added. In or­der to pro­tect your de­vices, Kasper­sky Lab se­cu­rity ex­perts ad­vise the fol­low­ing:

If you don’t need to, do not ac­cess your de­vice from an ex­ter­nal net­work. Dis­able all net­work ser­vices you don’t need to use the de­vice. If there is a stan­dard or uni­ver­sal pass­word that can­not be changed, or the pre­set ac­count can­not be de­ac­ti­vated, dis­able the net­work ser­vices in which they are used, or close ac­cess to ex­ter­nal net­works.

Be­fore us­ing the de­vice, change the de­fault pass­word, and set a new one.

Reg­u­larly up­date the de­vice’s firmware to the lat­est ver­sion if pos­si­ble.

Newspapers in English

Newspapers from Kuwait

© PressReader. All rights reserved.