Hackers start probing your smart device minutes after you connect it

The business of compromising Internet-of-Things devices has moved to a new stage, where using default credentials to brute-force the access on the gadget is no longer the only method of attack. Crooks have started to use exploits for known security flaws affecting smart products.

Vulnerabilities are now part of the mix, with cybercriminals hurling exploits at insecure devices less than a day after they connect to the internet. Login brute-force attempts, which are a simpler way to probe access, occur even faster – within five minutes of the IoT device becoming available online.

Adding vulnerability exploitation could suggest that developers in the IoT space have implemented baseline security in the products or that users have started to become aware of the risks of factory-default access. Regardless of the reason for this shift in the attack method, security problems remain, as patching vulnerabilities is slow, if it takes place at all.

These conditions provide a window of opportunity large enough for exploits to become public and for cybercriminals to adapt them to their needs. A study reveals that a patch for a known, easy-to-exploit vulnerability sometimes takes six months to become available. Add to this the fact that an update delivery mechanism is present on most smart devices and that few users are concerned with updates.

A recent report from Netscout confirms these findings. The researchers also said an IoT device could be vulnerable out of the box because it could sit on the shelf for weeks before someone buys it.

“IoT devices sooner or later get patched, but not at the same rate nor priority which we see with operating systems,” the researchers say in the report. “This makes the longevity and usefulness of IoT based vulnerabilities much longer and very attractive to botnet authors.”

And the attackers are fast at taking advantage, probing the gadgets with its default credentials from the manufacturer. This happens less than five minutes after the gadget becomes reachable over the internet, the researcher noticed. It only takes this long because it needs to be located online first.

If the method is unsuccessful, within 24 hours the exposed IoT device will see exploitation attempts for known vulnerabilities. No matter how old the vulnerability, hackers will exploit it.

Bitdefender BOX 2 has you covered against hacker attacks and can monitor any gadget on the local network, be it a router, an IP cam, surveillance system, TV-set, speaker, wearable, smart appliance, or printer. It also runs a vulnerability assessment, letting you know which endpoints are in need of a patch. And while you wait for a fix, BOX 2 still protects against exploit attempts.

Image credit: stevepb