News
Smart toothbrushes and other IoT devices increasingly used to launch cyberattacks – contribution from NETSCOUT
February 2024 by NETSCOUT
According to a report by Swiss newspaper Aargauer Zeitung*,
cybercriminals have infected three million smart toothbrushes with
malware to carry out a massive DDoS attack. The compromised toothbrushes
were transformed into malicious botnets, taking an unnamed Swiss company
offline for several hours and causing widespread disruption, costing the
firm millions of euros in damages.
This continues the recent trend of a significant growth in malicious
botnets. NETSCOUT’s ASERT Threat Intelligence Team has identified** a
sudden increase in device activity since the end of last year. These
elevated levels of activity signal a new weaponisation of the cloud
against the global internet, representing the beginning of a threatening
new wave of cybercrime.
Christopher Conrad, senior threat intelligence analyst at NETSCOUT,
outlines the current state of Internet of Things (IoT) security and how
more must be done to ensure IoT devices are secure:
“Our increasingly interconnected world has seen a rapid surge in the
number of IoT devices used in business and public services. These
devices often have poor security, so cybercriminals can easily
compromise them with botnet malware and use them to remotely launch a
range of cyberattacks including DDoS attacks.
“According to NETSCOUT’s latest DDoS Threat Intelligence Report***,
nearly 8 million DDoS attacks were launched during the first half of
2023 – a 30.5 per cent increase compared to 1H 2022. Among these
attacks, adversaries are predominantly deploying IoT botnets to target
enterprises and other types of endpoint networks, but also state and
local governments. Without better IoT security, we will see this threat
landscape continue to expand and disrupt services.
“While some IoT vendors are putting thought towards security, most are
not unless they are forced to via regulations that gate markets based on
compliance. Ultimately, IoT devices are designed for convenience, cost
effectiveness and profit, and several vendors put that ahead of
security. It’s often left to the end user to bolt on instead of being
baked in. You still see several major vendors use built-in backdoors,
hard coded credentials, or rely on the end user to change a password
instead of forcing it at first setup. To top that all off, several IoT
devices do not auto update, so old vulnerabilities stay in place for
longer than they should. Having limited built-in security, makes them
vulnerable to attacks like botnet recruitment.”
