Brute Force Attacks on IoT – Here to Stay?


IoT devices, such as routers, printers, televisions, cameras, lamps, baby-monitors and what-ever-else, can be found, well, everywhere. Their use has been growing for years and is expected to continue to grow. Unfortunately, these devices are notoriously vulnerable, or worse, the security implementation is so flawed that they are counter-protective leaving the consumer with a false feeling that the device is secure.

Recent IoT Attacks:

In 2016 an IoT based attack on Dyn hit the global headlines, making Mirai famous and synonymous with IoT malware. Since then Mirai has spawned a multitude of variants. At the root of Mirai, and its offspring lies an old attack vector called brute force attacks. This vector attempts to access a device (or any account for that matter) by using a list of well-known, hidden and default account credentials.

In the past, our PCs and email accounts were susceptible to brute force attacks, but Microsoft, Apple and other reputable vendors added mechanisms to prevent them. Almost three years after Mirai was discovered brute force attacks remain common and effective on IoT, why?

How Vulnerable are IoT Devices to Cyber Attacks?

But how easy is it to attack an IoT device? In fact, it is so easy that even an inexperienced 12-year-old could connect thousands of (Read more...)

*** This is a Security Bloggers Network syndicated blog from Allot Blog authored by Noam Kovartovsky. Read the original post at: https://www.allot.com/blog/brute-force-attacks-iot/