When it comes to IoT cyber security breaches, we are all potential victims.

The Internet of Things (IoT) is not merely devices that provide data to users, but networks of connected devices that can also communicate with one another. These capabilities don’t just open up a world of possibilities for individuals, organizations and economies, but also enable cyber criminals to launch attacks such as botnets. The best-known botnet is the 2016 variant known as Mirai, which succeeded in bringing down mainstream internet websites. But exploits such as EternalBlue, ransomware and malware, in general, have become more dangerous for organizations with IoT deployments. And while botnets are dangerous, malware capable of lateral movement is even more so as it can cause extensive damage after accessing a single networked device.

Consider, for instance, a recent malware strain known as “WannMine” that first seeks out credentials on the network, then proceeds to infect every device possible. The goal of the attack is to use their processing power to mine for Bitcoin. Normally, these attacks target personal computers, but organizations with poor IoT device security are vulnerable as well, given that they often run on unsecured Linux builds. Malware such as WannMine and Mirai could easily be made to exploit IoT devices to hold them ransom until payment is made. This threat is something that should concern industrial Internet of Things (IIoT) users. Continue reading in IoT Institute >>

Insider Threat Detection