Evolution of Iot Attacks

Evolution of Iot Attacks

Evolution of IoT Attacks By 2025, there will be 41.6 billion connected IoT devices, generating 79 zettabytes (ZB) of data (IDC). Every Internet-connected “thing,” from power grids to smart doorbells, is at risk of attack. BLUETOOTH INDUSTRIAL MEDICAL Throughout the last few decades, cyberattacks against IoT devices have become more sophisticated, more common, and unfortunately, much BOTNET GENERIC IOT SMART HOME more effective. However, the technology sector has fought back, developing and implementing new security technologies to prevent and CAR INFRASTRUCTURE WATCH/WEARABLE protect against cyberattacks. This infographic shows how the industry has evolved with new technologies, protocols, and processes to raise the bar on cybersecurity. STUXNET WATER BMW MIRAI FITBIT SAUDI PETROL SILEX LINUX DARK NEXUS VIRUS UTILITY CONNECTED BOTNET VULNERABILITY CHEMICAL MALWARE BOTNET SYSTEM DRIVE SYSTEM PLANT ATTACK (SCADA) PUERTO UNIVERSITY UKRAINIAN HAJIME AMNESIA AMAZON PHILIPS HUE RICO OF MICHIGAN POWER VIGILANTE BOTNET RING HACK LIGHTBULB SMART TRAFFIC GRID BOTNET METERS LIGHTS MEDTRONIC GERMAN TESLA CCTV PERSIRAI FANCY SWEYNTOOTH INSULIN STEEL MODEL S BOTNET BOTNET BEAR VS. FAMILY PUMPS MILL HACK REMOTE SPORTS HACK HACKABLE HEART BASHLITE FIAT CHRYSLER NYADROP SELF- REAPER THINKPHP TWO MILLION KAIJI MONITORS BOTNET REMOTE CONTROL UPDATING MALWARE BOTNET EXPLOITATION TAKEOVER MALWARE First Era | THE AGE OF EXPLORATION | 2005 - 2009 Second Era | THE AGE OF EXPLOITATION | 2011 - 2019 Third Era | THE AGE OF PROTECTION | 2020 Security is not a priority for early IoT/embedded devices. Most The number of connected devices is exploding, and cloud connectivity Connected devices are ubiquitous in every area of life, from cyberattacks are limited to malware and viruses impacting Windows- is becoming commonplace. With the continued acceleration of attacks transportation and manufacturing to medicine and entertainment. In based embedded control systems. Instead of actively putting up a targeting IoT devices, criminals improve their ability to monetize response to this growing number and severity of attacks, governments defense, organizations simply assume no one would bother to attack these attacks through crypto mining, ad-click fraud, and spam email and industrial groups begin to enact legislation requiring higher levels of these devices running in isolated networks. Security methods and campaigns. Nation-state attackers exploit IoT devices for political security for IoT devices. technologies include: motivated attacks. Companies are beginning to address security for IoT Because hackers will continue to find “soft targets” in legacy and new devices, but the level of protection is inconsistent, and many connected • Security by obscurity devices implemented without strong security measures, companies devices still have significant secure flaws. • Minimal security, often easily bypassed worldwide are beginning to build strong security controls into IoT devices, • Secure protocols (SSH or SSL) used in a few systems, usually no While many new security technologies are being adopted, their use using security frameworks and unified solutions with key security other security controls is inconsistent, incomplete, and sometimes flawed, resulting in many technologies that work together to provide multiple layers of protection. • Air-gapped networks devices that remain vulnerable. Security technologies used for some IoT Chief components of these frameworks include: and embedded devices include: • Security protocols (TLS and • Embedded firewall and intrusion • Security protocols (TLS and SSH) SSH) detection • Secure boot • Secure boot • Data at rest protection • TPM or Secure Element for secure key storage • TPM or secure element for • Certificates/PKI for • Hardened operating system secure key storage authentication and identification • Embedded Firewall • Hardened operating system First Era BASHLITE BOTNET TESLA MODEL S REMOTE HACK 2014 2016 THE AGE OF EXPLORATION Risk: Denial of service Risk: Safety BASHLITE infected more than 2M devices in two years. Spreading Researchers remotely hacked an unmodified Tesla Model S and STUXNET VIRUS through brute-forcing, BASHLITE was able to launch several types took over the multimedia system and dashboard displays, switched 2005 of large-scale DDoS attacks simultaneously. A 2020 version could on the turning signals, and unlocked the doors without using a key. also deploy cryptocurrency-mining and bricking malware. They also managed to activate the windshield wipers, fold in the Risk: Operational disruption side mirror, and open the trunk – all while the car was moving. Used to attack a uranium enrichment facility at Natanz, Iran, this UNIVERSITY OF MICHIGAN TRAFFIC LIGHTS virus was an early indicator of IoT vulnerabilities and how they can MIRAI BOTNET lead to critical national infrastructure breaches. 2014 2016 Risk: Safety HACKABLE HEART MONITORS Researchers seized control of an entire system of over 100 Risk: Denial of Service 2008 intersections from a single access point. Easily hacked, the The infamous IoT botnet Mirai took advantage of IoT devices with traffic light system used wireless radios for its communication weak or default passwords and gained control of large numbers Risk: Safety infrastructure with very basic encryption and no password. of compromised closed-circuit TV cameras and routers, using Researchers found that implantable cardiac defibrillators (ICDs) them to launch a DDoS attack that crippled large swathes of the could be externally controlled, allowing intruders to intercept GERMAN STEEL MILL HACK internet including Twitter, the Guardian, Netflix, Reddit, and CNN. medical information and manipulate the device by taking The source code was then released into the wild. advantage of the unencrypted signals in the ICD’s built-in radio. 2014 Risk: Operational disruption NYADROP SELF-UPDATING MALWARE PUERTO RICO SMART METERS Hackers used spear phishing to infiltrate a German steel mill’s 2016 2009 network and manipulate its controls to compromise a multitude of systems, including industrial components on the production Risk: Denial of Service Risk: Operational disruption network and a blast furnace which could not be properly shut This brute-force attack targeted IoT devices by running through An electrical utility in Puerto Rico was estimated to have lost down, resulting in substantial damage. a vast list of common usernames and passwords until it gained hundreds of millions of dollars after the power consumption access. Once in, NyaDrop dropped other malware onto the victim figure was manipulated, allowing the smart meters to be BMW CONNECTED DRIVE SYSTEM device. It was difficult to diagnose and remove because it would controlled by external devices and not accurately measure the 2015 self-delete and alter its malware each time it successfully hacked amount of power used. into a system. Risk: Financial Researchers exploited a vulnerability in BMW’s Connected Drive HAJIME VIGILANTE BOTNET Second Era system and imitated BMW servers to send remote unlocking instructions 2016 THE AGE OF EXPLOITATION to vehicles. The test took advantage of the remote unlocking feature, which could be requested via a BMW assistance line. Risk: Operational disruption More sophisticated than Mirai, Hajime would fight rival botnets MEDTRONIC INSULIN PUMPS FIAT CHRYSLER REMOTE CONTROL for control of a device. Hajime had no tools for DoS attacks, only 2011 2015 ways to continue expanding its reach and keep fighting other botnets. It is known for leaving quirky messages on compromised Risk: Safety Risk: Safety systems, such as “Stay sharp!” Software and a special antenna allowed researchers to locate Uconnect, a smart feature which controls the Fiat Chrysler and seize control of any device within 300ft through its radio vehicles’ entertainment and navigation, was found to have CCTV BOTNET transmitters, potentially making it pump excessive quantities of a vulnerability that opened the chip in the car’s head unit to 2016 insulin into the blood. malicious code, which in turn could be used to send commands to manipulate physical components including steering and brakes. Risk: Denial of Service WATER UTILITY SYSTEM (SCADA) This botnet hijacked 25.5K internet-connected CCTV cameras 2011 UKRAINIAN POWER GRID to conduct network attacks against online shops. The massive 2015 operation was able to regularly flood websites with 35K HTTP Risk: Operational disruption requests per second. This could escalate into a tsunami of 50K Hackers destroyed a water pipe outside the city of Illinois by gaining Risk: Operational disruption HTTP requests per second if defensive measures were not taken. access to the industrial control system. They were able to burn Hackers compromised the internal corporate network through out one of the utility’s pumps by causing the SCADA system that spear-phishing malware emails. They were then able to seize controlled it to turn the pump on and off repeatedly. control of the SCADA network and turn substations off, leaving 230K people without electricity. The malware also disabled IoT control devices by implanting malicious firmware on the devices. FITBIT VULNERABILITY THINKPHP EXPLOITATION Third Era 2017 2018 THE AGE OF PROTECTION Risk: Data loss Risk: Denial of Service Researchers found that some Fitbit products were vulnerable Attackers leveraged CVE-2018-20062, a remote code execution to intrusions and that messages transmitted between fitness (RCE) vulnerability in Chinese open source PHP framework PHILIPS

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    3 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us