2 min read

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Silviu STAHIE

October 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

The idea that our IoT devices might present an attractive target may seem ridiculous. What could attackers achieve by compromising my vacuum cleaner or my smart TV? Well, it turns out that simple access to those devices is a coveted prize.

Whether we're aware or not, our homes have become smart hubs filled with intelligent devices. We have smart TVs (some with really powerful hardware), vacuums, washing machines, speakers, personal assistants, streaming devices, surveillance cameras, network-attached devices (NAS), smartphones and PCs. And that only scratches the surface of what people have inside their homes.

Any of these devices might have vulnerabilities that would allow attackers to take control or at least compromise them. While we can't compare a compromised PC with a compromised washing machine, it doesn't mean that laundry appliance holds no interest.

The value of IoT devices

Each IoT device we bring into our home serves a particular purpose. With a few exceptions, such as NAS or a PC, most of them don't have powerful hardware, and they usually run proprietary operating systems. But all these devices share one thing: they are connected to the internet, and that connection makes them extremely valuable.

Sure enough, some criminals will go after a PC or NAS to steal data, launch attacks in the same network or block access by deploying ransomware. There's no ransomware designed to hijack a smart TV or vacuum cleaner, but manufacturers still issue security patches and close potential vulnerabilities because they know the potential impact a compromised device can have.

DDoS as a business

One of the multiple illicit businesses that appeared in the past few years is DDoS (distributed denial of service) as a product. Basically, criminals offer to organize DDoS attacks for anyone willing to purchase the service. Indicate the target, pay the price, and sit back. Technical knowledge is not required. Recently, the Dutch Police sent a warning message to people who used such illegal services.

In many situations, the backbone of these DDoS networks is made up almost entirely of compromised IoT devices that now have a new purpose: to flood the criminals' targets with requests via the internet. The device's hardware capabilities are of little importance as long as attackers can make it to interrogate any target of choice.

Any IoT user must remember to check on hardware present in the house, see if any security patches are awaiting installation, change the default passwords, and close ports and services that aren't used, like SSH. Of course, having an intelligent router or using the services of an ISP that both integrate Bitdefender's IoT Security Platform is also a good idea as it can block vulnerability exploits and disable compromised IoT devices in the network without affecting any of the rest.

tags


Author



Right now

Top posts

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read
Why and how to hide your IP address while traveling

Why and how to hide your IP address while traveling

April 13, 2022

2 min read
How Bitdefender Can Help Restore Your Privacy in the Digital Age

How Bitdefender Can Help Restore Your Privacy in the Digital Age

April 04, 2022

3 min read
How Strong is VPN Encryption?

How Strong is VPN Encryption?

February 28, 2022

3 min read
Top Three Ways Internet Users Unknowingly Help Cybercriminals

Top Three Ways Internet Users Unknowingly Help Cybercriminals

February 25, 2022

4 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

1.8 Million Texans Caught in TDI Data Breach 1.8 Million Texans Caught in TDI Data Breach
Silviu STAHIE

May 20, 2022

1 min read
Your Identity is Being Traded on The Internet Every 2.5 Minutes Your Identity is Being Traded on The Internet Every 2.5 Minutes
Radu CRAHMALIUC

May 20, 2022

3 min read
Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For Malware and PUA Campaigns Abuse Existing Apps, Here’s a Top 10 to Watch Out For
Silviu STAHIE

May 19, 2022

3 min read