Microsoft security researchers discover new cyber attack through Internet of Things connected devices

A new publication by Microsoft's Threat Intelligence Center points out an increasingly popular avenue used for cyber attacks: the Internet of Things (IoT). The publication states that researchers discovered a new attack that exploited vulnerabilities in simple IoT devices like a printer and a VOIP phone to access an enterprise network.

Sam Medley, Published 08/06/2019

Cyber attacks are on the rise, and security researchers at the Microsoft Threat Intelligence Center have discovered a new intrusion method through an increasingly popular avenue: connected devices, or the Internet of Things.

Researchers at Microsoft discovered a new attack line, attributed to Russian cyber espionage group STRONTIUM (aka Fancy Bear, APT28, Pawn Storm, and other aliases), that exploits the lax control of internet-connected devices. While device specifics weren’t given in their report, the researchers stated that “popular IoT devices” including a Voice-over-Internet-Protocol (VOIP) phone, a printer, and a video decoder were targeted by attackers to gain access to connected network infrastructure.

In the attack, the hackers gained access to the IoT devices and used shell scripts to sniff network traffic for connections to local subnets, opening other devices on the same network to attack. The attackers also used a relatively simple script to “establish persistence on the network,” enabling them to retain access for an indefinite period of time.

While Microsoft did not comment on the extent or impact of the attack, the research team pointed out that initial access was possible because of poor device management on the victim’s part. Specifically, the default password for two of the devices (set by the manufacturer) had not been changed. The third device was running older software and had not had the latest security update installed.

The research team concluded that as IoT devices are becoming more popular in the enterprise sector, the vulnerabilities in these devices can open organizations up to attack through unexpected vectors. According to Microsoft, the “number of deployed IoT devices outnumber the population of personal computers and mobile phones combined.” As technology progresses, so too do the methods and avenues of cyberattacks.

The research team concluded their study with several suggestions for securing IoT devices, including employing stricter controls on IoT devices that are connected to corporate networks, running a separate and isolated network for IoT devices, and consistent monitoring of IoT devices to detect any odd behavior such as pings to external servers. A full list of recommendations can be found on the Microsoft Research Center blog.

Source(s)

Microsoft Blog

Microsoft Outlook Windows client version 20231027003.15 (Source: Own)

The new Outlook gives Microsoft access to Gmail, Yahoo, iCloud, and IMAP accounts 11/10/2023

ÆPIC affects Intel 10th gen to 12th gen CPUs. (Image Source: Aepicleak.com)

New CPU architecture vulnerabilities: Intel 10th gen to 12th gen chips affected by AEPIC, SQUIP exploits loophole in all AMD Zen CPUs with SMT 08/16/2022

IoT sensors, developed by smaXtec monitor the internal well-being of farm animals. (Image: smaXtec)

Farmers utilize IoT sensors to observe the health of their farm animals 11/05/2021

Experts remain unsure about the extent of the damage caused by the cyber attack (Image source: Panda Security)

Alleged Russian cyber attack allegedly exposed US deep state secrets through "Orion" data breach 12/18/2020

Microsoft Pluton security chip as part of a SoC solution (Source: Microsoft Security)

Microsoft intros the Pluton security chip 11/18/2020

The iPhone X can be cracked by Cellebrite's tool. (Source: Business Insider)

Cybersecurity experts: Android phones may now be more secure than iPhones 01/31/2020

Smartphones in Russia will soon have to be more Russian... whatever that may mean. (Image via Charles DeLuvio on Unsplash, with edits)

Electronics sold in Russia must soon have software that supports "Russian spiritual and moral values" 01/27/2020

The illegal streaming websites iStreamItAll and Jetflicks have been shut down by the FBI and DoJ. (Image: iStreamItAll splash page)

FBI shuts down 2 illegal streaming sites, one of which is bigger than Netflix, Amazon Prime, and Hulu combined 12/16/2019

Lenovo busted for secretly paying cybersecurity "influencers" to promote ThinkShield 11/21/2019

Google Camera could have been used for some extremely shady hacking activities. (Source: XDA)

The cameras on "hundreds of millions" of Android phones could have been hijacked 11/19/2019

John Carmack steps down as CTO of Oculus to develop Artificial General Intelligence 11/14/2019

Intel unveils Keem Bay VPU for improved on-device vision processing 11/13/2019

Hackers target legacy Windows PCs to mine crypto via BlueKeep exploit 11/06/2019

If any of these app icons are on your iPhone or iPad, uninstall them immediately. (Image via Wandera)

Trojan malware found in 17 apps on Apple App Store 10/25/2019

An infected directory showing files with a

Lilu/Lilocked ransomware has now infected thousands of Linux servers 09/08/2019

The new Surface Pro 7 may feature LTE as standard. (Image source: Microsoft)

Surface Pro 7: All variants to come with LTE as standard? 08/30/2019

Security researchers load ransomware onto DSLR over WiFi and encrypt photos in WannaCry-styled attack 08/12/2019

Apps like Facebook Messenger and WhatsApp may need redesigns thanks to iOS 13's background access restrictions 08/07/2019

The HomePod captured more inadvertant Siri recordings than other devices like the iPhone. (Source: Apple)

Apple suspends Siri eavesdropping program in wake of privacy scandal 08/02/2019

A majority of consumers surveyed appear to distrust connected devices. (Source: ERP Insight)

Up to 63% of consumers now find connected devices "creepy" 07/31/2019

Researchers at Symantec discover media file vulnerability in WhatsApp and Telegram 07/17/2019

Kali Linux now available for Raspberry Pi 4 07/10/2019

The Qualcomm Secure Processing Unit is part of the SD 855. (Source: Qualcomm)

The Snapdragon 855 is the first mobile processor certified to be as secure as a smart card 06/26/2019

At least 25 global telecommunications companies were compromised in a seven-year attack utilizing Chinese-affiliated threat actor APT10. (Source: ModernDiplomacy)

Chinese-affiliated hackers compromised 25 global telecommunications companies for over 7 years 06/25/2019

VLC is a popular open source and cross-platform media player with over 3 billion downloads since 2005.

PSA: Update your copy of VLC to avoid allowing hackers full control of your computer when opening video files 06/24/2019

Hackers attacked NASA's Jet Propulsion Lab via a Raspberry Pi, stole 500 MB of mission data 06/23/2019

Edge computing can connect large-scale servers and services to individual devices. (Source: Alibaba Cloud)

The edge-computing market is to be worth about US$7 billion by 2024 06/22/2019

PC-Doctor Tool For Windows is also believed to be vulnerable to cyber attacks. (Image source: Lifewire)

Cybersecurity company finds worrying vulnerability affecting millions of Dell laptops and desktops 06/22/2019

Microsoft 365 for Campaigns is a new suite for political campaign security. (Source: Microsoft)

New Microsoft 365 suite offers enterprise-level security for political campaigns 06/20/2019

GPS spoofing attack could drive a Tesla Model S or 3 off the road, as security researchers find 06/20/2019

The Shot on OnePlus web interface. (Source: OnePlus)

OnePlus found to have sprung a user-data leak through a photography app 06/15/2019

The new Reolink E1 Pro. (Source: Reolink)

Reolink releases a new Wi-Fi home security-cam with 355-degree pan and 50-degree tilt for under US$60 06/07/2019

Microsoft's keynote on the latest Windows developments also previewed some of the latest laptop models revealed at Computex. (Source: The Verge)

Microsoft reveals plans for future Modern Windows OS 05/29/2019

Loading Comments

Comment on this article

Sprint hints it will start stocking...

Samsung's 6th-gen 3D V-NAND SSDs ha...

Sam Medley - Senior Tech Writer - 1345 articles published on Notebookcheck since 2016

I've been a computer geek my entire life. After graduating college with a degree in Mathematics, I worked in finance and banking a few years before taking a job as a database administrator. I started working with Notebookcheck in October of 2016 and have enjoyed writing news and reviews. I've also written for other outlets including UltrabookReview and GeeksWorldWide, focusing on consumer guidance and video gaming. My areas of interest include the business side of technology, retro gaming, Linux, and innovative gadgets. When I'm not writing on electronics or tinkering with a device, I'm either outside with my family, enjoying a decade-old video game, or playing drums or piano.

Please share our article, every link counts!

> Expert Reviews and News on Laptops, Smartphones and Tech Innovations > News > News Archive > Newsarchive 2019 08 > Microsoft security researchers discover new cyber attack through Internet of Things connected devices

Sam Medley, 2019-08- 6 (Update: 2019-08- 6)

Microsoft security researchers discover new cyber attack through Internet of Things connected devices

Source(s)

Related Articles