Subscribe
  • Home
  • /
  • IOT
  • /
  • Cyxtera reveals research finding IOT devices under constant attack

Cyxtera reveals research finding IOT devices under constant attack

Report reveals the detection of new attacks on IOT devices, especially those leveraging zero-day vulnerabilities for specific devices.

Issued by Private Protocol
Johannesburg, 24 May 2019

Cyxtera Technologies, the secure infrastructure company, releases findings from an extensive research project: "Detection of threats to IOT devices using scalable VPN-forwarded honeypots", showing that IOT devices are under constant attack; more than 150 million connection attempts over 15 months.

The report reveals the detection of new attacks on IOT devices, especially those leveraging zero-day vulnerabilities for specific devices. The research was a joint effort by Cyxtera threat researcher Martin Ochoa and researchers from the Singapore University of Technology and Design.

In tandem with the release of this research, Cyxtera announced new functionality in its flagship Zero Trust solution, AppGate SDP, which extends the benefits of network micro-segmentation and software-defined perimeter to connected IOT devices. The AppGate SDP IOT Connector enables enterprises to enforce consistent access control policies across users, servers and devices to protect today's complex and distributed resources.

Key report findings:

* Researchers detected more than 150 million connection attempts to 4 642 distinct IP addresses.
* Sixty-four percent of incoming connections seemed to originate in China, with another 14% from the United States. This was followed by the United Kingdom (9%), Israel (8%) and Slovakia (6%). Note: It's difficult to definitively confirm the origination of Internet traffic as it is possible to re-route traffic to other locations, frequently employed as an obfuscation technique.
* All IOT devices saw attempted logins immediately on coming online and the number of login attempts increased steadily over time.
* Within days of new malware campaigns going public, such as Mirai, Satori and Hakai, those malware families were being used to attack IOT devices from the honeypot. In many cases, the increase in activity was identifiable in the days and weeks before the malware was publicly named.
* Fifty-four percent of connections received by the honeypot were via Telnet port, while HTTP ports received almost all of the remaining connections.
* IP cameras received the majority of connections in the honeypot, suggesting greater attacker interest in those IOT devices as compared to others, such as printers and smart switches. Several recent, large-scale attacks on IOT devices have targeted IP cameras.

"IOT devices are an attractive target for attackers, because they are often a security after-thought and it's harder to keep them patched and up to date, if patches are even available at all," said Alejandro Correa Bahnsen, Vice-President of Data Science at Cyxtera.

"The researchers involved in this project accurately detected several large-scale attacks targeting IOT devices and demonstrated the frequency and speed with which these devices are targeted. This approach can be replicated by other threat researchers to broaden our collective knowledge about these vulnerabilities."

New AppGate IOT Connector extends power of software-defined perimeter

IOT devices are increasingly present in enterprise networks and are expected to grow even more with the advent of 5G networks. With the anticipated rise in IOT adoption, security issues must be addressed head-on to fully leverage the power of smart devices in a way that is safe and managed effectively.

Benefits of AppGate SDP IOT Connector include:

* Consistent enforcement of access control policies across users, servers and IOT devices;
* Reduced operational complexity and cost with easier management of IOT devices;
* Protection of complex, distributed resources;
* Reduced attack surface by limiting over-privileged device access; and
* Decreased audit scope to lower compliance costs.

"The rapid adoption of IOT devices is outpacing the ability to secure them properly," said Ricardo Villadiego, General Manager, Security & Anti-Fraud at Cyxtera. "These devices are connected to the same network as users, servers and sensitive data, which creates risks for the network. AppGate SDP's IOT Connector secures unmanaged devices, restricting lateral movement and reducing an organisation's attack surfaces."

Share

Cyxtera

Cyxtera Technologies combines a worldwide footprint of 50+ best-in-class data centres with a portfolio of modern, cloud- and hybrid-ready security and analytics offerings, providing more than 3 500 enterprises, government agencies and service providers with an integrated, secure and cyber resilient infrastructure platform for critical applications and systems. For more information about Cyxtera, visit: http://www.cyxtera.com/.

Private Protocol

Private Protocol is a data security distributor offering solutions and strategies that covers mobile device and data security, secure data collaboration, secure messaging, SharePoint/O365 security and compliance, AWS security, data classification and data discovery, file share security and compliance, software-defined perimeter, Zero Trust security, total fraud protection and cloud security. Private Protocol also offers cloud risk assessments so companies can understand the impact cloud is having on their business and highlight any risks that may be associated. Private Protocol has a distributed partner channel covering Africa and Indian Ocean Islands

Web site: www.privateprotocol.com.

Editorial contacts

Sales
Private Protocol
(+27) 10 100 37288
sales@privateprotocol.com