2 min read

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Silviu STAHIE

October 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

The idea that our IoT devices might present an attractive target may seem ridiculous. What could attackers achieve by compromising my vacuum cleaner or my smart TV? Well, it turns out that simple access to those devices is a coveted prize.

Whether we're aware or not, our homes have become smart hubs filled with intelligent devices. We have smart TVs (some with really powerful hardware), vacuums, washing machines, speakers, personal assistants, streaming devices, surveillance cameras, network-attached devices (NAS), smartphones and PCs. And that only scratches the surface of what people have inside their homes.

Any of these devices might have vulnerabilities that would allow attackers to take control or at least compromise them. While we can't compare a compromised PC with a compromised washing machine, it doesn't mean that laundry appliance holds no interest.

The value of IoT devices

Each IoT device we bring into our home serves a particular purpose. With a few exceptions, such as NAS or a PC, most of them don't have powerful hardware, and they usually run proprietary operating systems. But all these devices share one thing: they are connected to the internet, and that connection makes them extremely valuable.

Sure enough, some criminals will go after a PC or NAS to steal data, launch attacks in the same network or block access by deploying ransomware. There's no ransomware designed to hijack a smart TV or vacuum cleaner, but manufacturers still issue security patches and close potential vulnerabilities because they know the potential impact a compromised device can have.

DDoS as a business

One of the multiple illicit businesses that appeared in the past few years is DDoS (distributed denial of service) as a product. Basically, criminals offer to organize DDoS attacks for anyone willing to purchase the service. Indicate the target, pay the price, and sit back. Technical knowledge is not required. Recently, the Dutch Police sent a warning message to people who used such illegal services.

In many situations, the backbone of these DDoS networks is made up almost entirely of compromised IoT devices that now have a new purpose: to flood the criminals' targets with requests via the internet. The device's hardware capabilities are of little importance as long as attackers can make it to interrogate any target of choice.

Any IoT user must remember to check on hardware present in the house, see if any security patches are awaiting installation, change the default passwords, and close ports and services that aren't used, like SSH. Of course, having an intelligent router or using the services of an ISP that both integrate Bitdefender's IoT Security Platform is also a good idea as it can block vulnerability exploits and disable compromised IoT devices in the network without affecting any of the rest.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down Attackers Hit German Chambers of Industry and Commerce; All Digital Services Down
Silviu STAHIE

August 05, 2022

1 min read
Slope Wallets Blamed for $6 Million Solana Hack Slope Wallets Blamed for $6 Million Solana Hack
Silviu STAHIE

August 04, 2022

1 min read
Wiseasy Employee Credentials Found Online, More than 140,000 POS Terminals Affected Wiseasy Employee Credentials Found Online, More than 140,000 POS Terminals Affected
Silviu STAHIE

August 03, 2022

1 min read