Cybercriminals will explore new ways to abuse IoT devices in 2018, local cybersecurity experts warned.
“In 2017, we have seen massive DDOS attacks using hundreds of thousands of compromised IoT devices in people’s homes and workplaces to generate traffic. This is not expected to change with cybercriminals looking to exploit the poor security settings and management of home IoT devices,” said Victor Law, chief operating officer, Greater China Region, Symantec.
Symantec predicts that IoT devices will provide persistent access to home networks in the coming 12 months, and will pose as a backdoor for hackers to penetrate their victims’ enterprise networks.
“Many people access work resources from their homes. Unfortunately, many people do not consider the cyber security implications of their home IoT devices, leaving default settings and not vigilantly updating them like they do with their computers,” Law added.
Tony Lee, head of consulting at Trend Micro Hong Kong, said users should recognize that not all IoT devices have built-in security, let alone hardened security.
“The devices are open to compromise unless manufacturers perform regular risk assessments and security audits. Users are also responsible for setting up their devices for security, which can be as simple as changing default passwords and regularly installing firmware updates,” Lee said.
Citing Trend Micro’s global security predictions for 2018, Lee said biohacking via wearables and medical devices is a potential threat the can materialize this year.
“Biometric activity trackers such as heart rate monitor and fitness bands can be intercepted to get information about users,” Lee added.
Meanwhile, Lee pointed out the Business Email Compromise (BEC) will continue to gain popularity among hackers, as the return on investment for successful attacks are quite high.
“To guard against BEC, user awareness is essential. Companies are advised to conduct drills that simulate a BEC scam so that their staff members are trained to recognize tell-tale signs of a bogus email. This kind of drill can increase their staff awareness,” Lee said.
Symantec on the other hand expects file-less and file-light malware to explode in the coming months, as fewer files on disks make this attractive to hackers.
“With few indicators of compromise (IOC), use of the victim’s own tools and complex disjoint behaviors, these threats have been harder to stop, track and defend against in many scenarios,” said Law.
“Like the early days of ransomware, where early success by a few cybercriminals triggered a gold-rush-like mentality, more cybercriminals are now rushing to use these same techniques. As the attacks get more sophisticated, traditional protection like endpoint security and patch management are no longer enough, companies need to use advanced detection tools such behavior-based analytics,” he added.
First published in Computerworld Hong Kong