Marco Hogewoning, senior external relations officer at RIPE NCC, discusses how governments, manufacturers and other stakeholders can best tackle IoT security concerns, and leverage the founding principles of the Internet to find a solution
IoT UK- As the annual cyber security reports came in towards the end of 2018, it was no surprise to see thet there was an increase in both the number of attacks and the damage done. Most threat analyses also showed that attacks and exploits were getting more sophisticated. The ENISA Threat Landscape Report report showed a rapid rise in IoT-based attacks as well, among others.
The well-known Mirai botnet, first observed in 2016, is still evolving to exploit new vulnerabilities to add IoT devices to its botnet. Several new malware campaigns were also launched, most notably the VPNfilter strain of malware that targets small home and office routers and network storage devices (NAS).
The main objective of these botnets so far has been to take control of devices and use them to attack other parts of the Internet infrastructure. However, researchers are now reporting a rapid increase in attacks that take advantage of the device itself, for instance in cryptojacking campaigns where devices are compromised and used to mine for cryptocurrency.
How can IoT devices such as Utilitywise’s new energy counter be protected within businesses
What is most concerning is ENISA’s observation that there is also an increase in attacks that aim to disable or compromise the IoT network’s functionality itself. In particular, during 2018, a piece of malware called Trition was uncovered, which seeks to compromise industrial safety systems. One can only imagine the devastating outcome a successful attack on these systems could have.
What we can learn from 2018
Even as high-profile attacks like Mirai raise awareness of the vulnerability of IoT devices, there remains a noticeable lack of countermeasures. We did see a few steps in the right direction last year, with the release of the UK government’s IoT Code of Practice, which was created in close cooperation with the industry and other stakeholders. The challenge in 2019 is ensuring that the measures laid out in the code are actually applied to products in the market.
Even more difficult, as the continued threat of the Mirai family shows, is to patch the vulnerable devices that are already in homes and businesses. Think about it – when was the last time you checked if there was new software for your wifi-router or your printer?
We still rely on manufacturers and service providers to supply timely software updates and to help people make the right choices. For instance, service providers are often obliged to force users to pick a unique password upon installation, instead of leaving an easy-to-guess default in place.