Internet of Things

In 2016 concerns about securing the Internet of Things for the future saw plenty of airtime and column centimetres devoted to it by industry commentators.  As 2016 ends IoT security appears to be featuring prominently for all the wrong reasons courtesy of some malicious code called Mirai. 

Mirai is proving to be a very dangerous piece of IoT malware. It has been developed to scan the internet for insecure IoT devices such as routers, DVR’s and cameras. Once Mirai finds and infects these devices they then become part of a botnet army which can then be used to launch large scale Distributed Denial of Service (DDoS) attacks.

Mirai came to prominence during September after it was used to create an attack against a Dynamic DNS Service provider in the US called DynDNS. The attack, which lasted the best part of a day, impacted many users as hundreds of services including Netlink, Twitter and AirBnB became inaccessible.   

Subsequently similar attacks have hit Telcos including Deutsche Telekom in Germany, Talk Talk in the UK and Eircom in Ireland. Home routers supplied to their customers have been infected with Mirai and thereafter used to create DDoS attacks that severely affected service provision. In Germany just under a million customer routers were affected and taken offline. The manufacturers identified as having vulnerable router equipment “in the field” include Zyxel, DLink, ZTE and Billion.    

The original variant of this IoT malware gains access to devices using a brute-force attack to apply many possible default user and password combinations from the various equipment manufacturers via a telnet or SSH session. A second variant exploits a router management protocol used by the Telcos to remotely manage devices. In both cases once the device has been infected remote administration functions are disabled making attempts to fix the issue by applying a software update impossible.

Because many IoT devices are based on cheap computing technology they will continue to be easy targets for malicious malware. Getting the equipment manufacturers to all agree to build in better security will be challenging. Whilst simplistic, it may be feasible to enforce a login and password change from the factory default setting after installation – even more simplistic…….should we just expect that the users of the equipment are responsible for changing the default login and password setting after installation ? – currently it is estimated 500,000 devices are infected by Mirai and its variants.   

Whilst the recent DDoS examples appear to have created minimal damage one does wonder if 2017 will be the year when we see some seriously negative outcomes as we scramble to develop an antidote for this malicious and infectious activity.  

To download the booklet – Building a Trusted Foundation for the Internet of Things – CLICK HERE

If you would like to discuss this or any other security requirements, please don't hesitate to contact Mark Heard mark.heard@mpa.co.nz or Mike Conboy mike.conboy@mpa.co.nz.

 

 

The Team at MPA wish all the best for the Holiday Season.

Seasons Greetings

 

Mike Conboy -
Consultant 

Mike has over 20 years’ experience in the New Zealand Security Industry covering a variety of roles including Systems Engineering, Product Management, Business Management and Development.

Originally engaged within UK Defence and Telecommunication Industries, Mike emigrated to NZ in the early 90’s and has provided service to clients via Systems Integrators, Value Added Distribution, Consultancy and Managed Security Services.

Mike is a Chartered IT Professional (Fin, Info Sec) with MSc (Info Systems Engineering) and a BSc (Physics, Electronics).


Latest Security Problems Solved

Privileged Password Management - Pitfalls to consider More >
SIEM matures, however landscape changes. More >
What Does It Take To Lower Your Mobile Cost Of Ownership? More >
2014: The Year Encryption Comes of Age More >
Our Solutions
Security Solutions

We work with leaders in the fields of data protection, authentication and perimeter security to protect your organisation and manage any threats with the most effective security systems. More >

Technical Services

MPA New Zealand Ltd provides a range of technical services to compliment the vendor technology our company brings to the local market. More >