2 min read

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Silviu STAHIE

October 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

The idea that our IoT devices might present an attractive target may seem ridiculous. What could attackers achieve by compromising my vacuum cleaner or my smart TV? Well, it turns out that simple access to those devices is a coveted prize.

Whether we're aware or not, our homes have become smart hubs filled with intelligent devices. We have smart TVs (some with really powerful hardware), vacuums, washing machines, speakers, personal assistants, streaming devices, surveillance cameras, network-attached devices (NAS), smartphones and PCs. And that only scratches the surface of what people have inside their homes.

Any of these devices might have vulnerabilities that would allow attackers to take control or at least compromise them. While we can't compare a compromised PC with a compromised washing machine, it doesn't mean that laundry appliance holds no interest.

The value of IoT devices

Each IoT device we bring into our home serves a particular purpose. With a few exceptions, such as NAS or a PC, most of them don't have powerful hardware, and they usually run proprietary operating systems. But all these devices share one thing: they are connected to the internet, and that connection makes them extremely valuable.

Sure enough, some criminals will go after a PC or NAS to steal data, launch attacks in the same network or block access by deploying ransomware. There's no ransomware designed to hijack a smart TV or vacuum cleaner, but manufacturers still issue security patches and close potential vulnerabilities because they know the potential impact a compromised device can have.

DDoS as a business

One of the multiple illicit businesses that appeared in the past few years is DDoS (distributed denial of service) as a product. Basically, criminals offer to organize DDoS attacks for anyone willing to purchase the service. Indicate the target, pay the price, and sit back. Technical knowledge is not required. Recently, the Dutch Police sent a warning message to people who used such illegal services.

In many situations, the backbone of these DDoS networks is made up almost entirely of compromised IoT devices that now have a new purpose: to flood the criminals' targets with requests via the internet. The device's hardware capabilities are of little importance as long as attackers can make it to interrogate any target of choice.

Any IoT user must remember to check on hardware present in the house, see if any security patches are awaiting installation, change the default passwords, and close ports and services that aren't used, like SSH. Of course, having an intelligent router or using the services of an ISP that both integrate Bitdefender's IoT Security Platform is also a good idea as it can block vulnerability exploits and disable compromised IoT devices in the network without affecting any of the rest.

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials Iranian Threat Actor Deployed Malicious PowerShell Script through Phishing, Then Stole Files and Credentials
Silviu STAHIE

November 26, 2021

1 min read
Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group Ukraine Arrests Five iPhone Hackers of the Phoenix International Hacking Group
Filip TRUȚĂ

November 26, 2021

1 min read
Couple arrested for secretly installing cryptomining software on department store PCs Couple arrested for secretly installing cryptomining software on department store PCs
Graham CLULEY

November 26, 2021

1 min read