The latest installment of F5’s The Hunt for IoT series, The Growth and Evolution of Thingbots Ensures Chaos, found that Singapore is in the top five destinations globally for IoT attacks.
With 8.4 billion devices currently in use, and over 30 billion devices projected to be deployed by 2020, unprotected devices are a goldmine for hackers, as they find new ways to exploit numerous protocols beyond telnet (an underlying TCP/IP protocol for accessing remote computers) to ensure they capture as many vulnerable IoT devices as possible. Thingbots are botnets compromising of infected IoT devices which are typically unmanaged, providing a low likelihood of being discovered by their owner and remediated.
Persirai infected IP cameras
Concentration of Persirai infected devices continue to increase even after discovery as
seen from June to December 2017 – with growth in China, South Korea and Japan
Are you being attacked?
Thingbots are capable of globally destructive attacks, and the worrying fact is that the security industry has only started discovering them with increasing frequency. Massive, well known thingbots such as Mirai and Persirai have been wreaking havoc around the world, and show no signs of slowing down. A new variant of the notorious Mirai malware is exploiting kit with ARC processors. Dubbed the Okiru, is the first capable of infecting devices powered by ARC CPUs which is responsible for running a variety of internet-connected products including cars, mobiles, TVs, cameras and more. In fact, despite broad awareness of their existence and threat, it is reported that Persirai infected IP cameras still exist all across Asia with the heaviest concentrations in Thailand, China, South Korea, Japan, Taiwan and Malaysia. There is even a website that collects the streaming footage from over 73,000 hacked IP cameras worldwide. These live footages ranges from parking lots and store surveillance to the bedrooms of unknown individuals.
While China, the US and Russia are clearly the top three attacking countries, the report suggests that because vulnerable IoT devices are deployed globally without bias, there is no standout IoT attack destination. However, from August to December 2017, the most attacked countries were the U.S., Singapore, Spain, and Hungary—possibly due to the high IoT device penetration rate in these nations.
What’s the impact?
As seen from countless thingbots hacking incidents that have taken place in the past five years, both public and private entities have much to lose from the hackings. From the spying of households through baby monitoring cameras to the complete takeover of smart cars remotely, IoT hacking has the potential to cause privacy loss and even deaths.
What can businesses do?
As Southeast Asia emerges as a global growth leader with some of the world’s fastest expanding economies, it is crucial that businesses protect themselves to continue this progression. The list of top 15 thingbots attacks above is not exhaustive but it has every potential at crippling businesses and most importantly, discredit the integrity of an organization. As such, the onus is upon every business owner to ensure that they provide a safe and secure global cyberspace for their customers—basic digital hygiene that every individual and business owners should diligently practice:
In addition, other notable highlights from The Hunt for IoT – The Growth and Evolution of Thingbots Ensures Chaos report include:
· China is the largest attacker – indicative of a widespread infected IoT device problem. Infected devices in China are primarily attacking the US, Spain, Italy, Singapore and Hungary
· Japan and Bangladesh only had one network on the top 50 attacking networks list – is it only a matter of time before it becomes zero?
· Mirai has grown in Asia despite broad awareness of the thingbot – which points to infected IoT devices not being managed
· Persirai infections in India have noticeably declined – what has happened?
Threat Analysis: The Hunt for IoT – The Growth and Evolution of Thingbots Ensures Chaos is the fourth volume of F5 Networks’ IoT reports, following the third volume Threat Analysis: The Hunt for IoT – The Rise of Thingbots. The APCJ focused report is available for download here.