Consumer Routers And IoT Are The Most Attacked Platforms
Microsoft, Apple, and Linux developers for decades have tried their very best to harden their operating system from security breaches, vulnerabilities, and bugs. Although not perfect, the three top operating desktop operating systems have their respective automatic update systems in place, where the developers can push their new codes to fix any problems. The automatic update system helps in stabilizing the desktop and laptop platforms, both from the privacy perspective and the practicality standpoint.
However, the same cannot be said for IoT (Internet-of-things) and consumer routers. For many years, consumer routers feature a flashing-procedure to update its firmware in the event of a serious bug is discovered. However, this facility is risky for the end-user to do, as when the power is cut during the flashing process, the hardware is basically bricked. Consumer routers are designed to be updated by tech-savvy people that know how to do it safely, like connecting it to a UPS prior to the flash procedure. For IoT, they are simple devices like a toaster, a lightbulb or an electric water heater that have an Internet connection. While convenient to use and can be monitored online, they have exposed to the public web and their firmware is not easily upgradable.
Checkpoint, a cybersecurity firm has revealed in their Global Threat Index for the month of July 2018 the growth of exploits against IoT devices and consumer routers. In the global scale, 45% of companies covered by the study were affected by attacks against IoT and consumer routers, a growth of 10% from the month of June 2018. Vulnerabilities connected with VPNFilter, Mirai, and IoTroop/Reaper.
Maya Horowitz, Check Point’s Threat Intelligence Group Manager further explained: “Known vulnerabilities offer cyber-criminals an easy, relatively frictionless entry point into corporate networks, enabling them to propagate a wide range of attacks. IoT vulnerabilities, in particular, are often ‘the path of least resistance’, as once one device is compromised, it can be straightforward to infiltrate further connected devices. As such, it is vital that organizations apply patches to known vulnerabilities as and when they are made available to ensure that networks remain secure. In order to protect from both known and unknown vulnerabilities, it is critical that enterprises employ a multi-layered cybersecurity strategy that protects against both established malware families cyber-attacks and brand new threats.”
In the report presented by Checkpoint, two out of the top 3 malware is malware and Cryptoloot. The former is the nastier of the two, as it only requires the unsuspecting user to visit a website loaded with payload, and that is enough for the browser itself to get hijacked to mine cryptocurrency.
The report also mentioned that Android is still being a favorite target, with Lokibot taking a huge of the virus trojan targeting the platform. is a banking trojan, which monitors user’s banking activity through the mobile device, and stealing login details once typed on the virtual keyboard.
CheckPoint used their ThreatCloud system in order to produce the report. It analyzed 11 million virus signatures and indexed 5.5 million infected websites for the duration of the survey.