Avast experts conducted an experiment by installing in more than 500 Honeypots servers in several countries around the world webcams or routers that were posing as IoT-devices, such as streaming devices. Thus, the researchers wanted to prove to how many attacks smart home devices could be exposed.Experts have recorded more than 500,000 attacks on IoT devices in 2 hours
Traps were active for two hours in the evening of September 25, 2019.
Potential attackers scanned more than 500 traps 561,003 times in two hours. Trap servers were located in Mexico, France, Germany, South Korea, Australia, the UK, Japan, Russia, Spain, Ireland, Singapore, the United States and India.
When setting up the traps, Avast researchers selected typical connected devices with open ports, so that attackers would believe that they were connecting to real routers, televisions, webcams, and so on.
Avast traps were specially endowed with open ports, such as TCP: 23 (telnet protocol), TCP: 22 (ssh protocol), TCP: 80 (http protocol).
Most often, the attackers scanned three ports: port 8088, which is usually found in streaming devices and smart speakers, and Telnet 22 and SSH 23 ports, which are often present in routers. According to Avast research, streaming devices are in the top 5 most vulnerable in the house, and two-thirds of routers have weak credentials or software vulnerabilities. The three main countries from which the attacks came were the United States, the Netherlands, and Japan.
“Most people do not attach much importance to the vulnerabilities of home devices – smart speakers, televisions or light bulbs – because they believe that they cannot become the target of cybercriminals. We have already seen hundreds of thousands of connected devices used as part of a botnet for DDoS attacks on popular sites and routers or for crypto mining. For many, it probably doesn’t matter if their devices are used to attack other people, but they should know that they can also be the target of hackers”, – said Michal Salat, director of Avast’s threat analysis department.
An attacker needs only one hacked device to take control of the entire home network. By collecting information about the house, an attacker could endanger both the confidentiality of the owners’ data and their physical safety.
User Review( votes)