OH SUPRISE, SUPRISE, Russian state-sponsored hackers are allegedly cracking into internet of things (IoT) devices, according to Microsoft.
Security smart folks from Microsoft's Threat Intelligence Center said that in April they discovered "infrastructure of a known adversary communicating to several external devices", which basically translates to hacking activity across a trio of IoT devices: a VOIP phone, an office printer, and a video decoder.
"The investigation uncovered that an actor had used these devices to gain initial access to corporate networks. In two of the cases, the passwords for the devices were deployed without changing the default manufacturer's passwords and in the third instance the latest security update had not been applied to the device," the researchers said.
Redmond's finest noted that these devices became points of ingress into the networks they were on, which happened to belong to businesses rather than hacks against smart home enthusiasts.
These hacks were basically to blame on crap passwords on IoT gadgets as well as firmware that hadn't been updated to secure them against the latest cyber nasties. So really, it's the same story we've been hearing for a good few years now that IoT devices lack proper security and thereby offer tempting targets for hackers to use to infiltrate networks.
And such tempting targets are clearly appealing to Russian hackers, according to Microsoft. The firm's security centre found that the IoT attacks it spotted all fed back to a server belonging to the STRONTIUM state-sponsored hacking group, also known as Fancy Bear.
Given Microsoft noticed the IoT hacking at its early stages, it wasn't able to figure out why the hackers were trying to crack into the network. But it did note the attacks seemed aimed at specific sectors, which would indicate that such attacks are properly targeted and have specific cyber objectives.
"Over the last twelve months, Microsoft has delivered nearly 1400 nation-state notifications to those who have been targeted or compromised by STRONTIUM," the researchers said.
"One in five notifications of STRONTIUM activity were tied to attacks against non-governmental organizations, think tanks, or politically affiliated organizations around the world. The remaining 80% of STRONTIUM attacks have largely targeted organizations in the following sectors: government, IT, military, defence, medicine, education, and engineering."
Microsoft touted various ways one might defend themselves against IoT hack, such as using a separate network for the devices and developing a custom security policy for each IoT gizmo.
But Redmond also spouted a call to action in that more people involved in IoT, from hardware makers to security folks, who should work to create IoT devices and the software and systems that govern them with a bigger bend on security.
"There is a need for broader focus across IoT in general, both from security teams at organisations that need to be more aware of these types of threats, as well as from IoT device makers who need to provide better enterprise support and monitoring capabilities to make it easier for security teams to defend their networks," said the researchers.
Once again, this whole shebang highlights that the world of IoT tech still needs a good dollop of security and careful consideration before it's used willy-nilly about the place. µ
Much a (dil)do about nothing
Neither the time nor the face
The tiny tweaks are coming thick and fast now
Gitting more secure