Device Take-Over (DTO) attacks are growing quickly now that hackers have found the Internet of Things. Using handy IoT search engines like Shodan.io, hackers easily get the recon to target the device type (usually one that has a known vulnerability already) and the IP addresses of their next victims. The IoT comprises webcams, home automation systems, remote door controls, thermostats, video set-top boxes, WiFi boxes, HVAC controllers, industrial controllers, electrical power controls, routers, and just about anything else with a network connection. The IoT is at least as large as the Internet of Computers and SmartPhones, according to Forbes’ 2017 IoT Forecast. The large attack surface presented by IoT devices is already getting exploited, according to Wired and Akamai’s March 2018 report on router takeovers, where they estimate 65,000 routers have been compromised to expose the admin interface usually confined to the private side of the network to the public side. Akamai’s report conveniently lists the makes, models, and manufacturers of devices vulnerable to the UPnP attack. Using this intel, hackers can now break in using brute-force and common password methods, then reconfigure the router to function as packet-forwarder to conceal the origin of other attacks. One side effect of this for the owner of the 0wned router is that it looks like the attacks and nefarious activity are originating from his network. This could be tricky to explain to a policeman later.
For device makers, there is some good news here…the Magnus IoT Self-Defender. Self-Defender packages the patented Magnus technology into a small footprint, self-contained module that defends the administrative interface logon of the device against takeover attempts, using Magnus’ unique pro-active countermeasure that disables attackers. Read more about Magnus IoT Self-Defender.