Notebookcheck

Microsoft security researchers discover new cyber attack through Internet of Things connected devices

Image via My Windows Hub
A new publication by Microsoft's Threat Intelligence Center points out an increasingly popular avenue used for cyber attacks: the Internet of Things (IoT). The publication states that researchers discovered a new attack that exploited vulnerabilities in simple IoT devices like a printer and a VOIP phone to access an enterprise network.

Cyber attacks are on the rise, and security researchers at the Microsoft Threat Intelligence Center have discovered a new intrusion method through an increasingly popular avenue: connected devices, or the Internet of Things.

Researchers at Microsoft discovered a new attack line, attributed to Russian cyber espionage group STRONTIUM (aka Fancy Bear, APT28, Pawn Storm, and other aliases), that exploits the lax control of internet-connected devices. While device specifics weren’t given in their report, the researchers stated that “popular IoT devices” including a Voice-over-Internet-Protocol (VOIP) phone, a printer, and a video decoder were targeted by attackers to gain access to connected network infrastructure. 

In the attack, the hackers gained access to the IoT devices and used shell scripts to sniff network traffic for connections to local subnets, opening other devices on the same network to attack. The attackers also used a relatively simple script to “establish persistence on the network,” enabling them to retain access for an indefinite period of time. 

While Microsoft did not comment on the extent or impact of the attack, the research team pointed out that initial access was possible because of poor device management on the victim’s part. Specifically, the default password for two of the devices (set by the manufacturer) had not been changed. The third device was running older software and had not had the latest security update installed. 

The research team concluded that as IoT devices are becoming more popular in the enterprise sector, the vulnerabilities in these devices can open organizations up to attack through unexpected vectors. According to Microsoft, the “number of deployed IoT devices outnumber the population of personal computers and mobile phones combined.” As technology progresses, so too do the methods and avenues of cyberattacks.

The research team concluded their study with several suggestions for securing IoT devices, including employing stricter controls on IoT devices that are connected to corporate networks, running a separate and isolated network for IoT devices, and consistent monitoring of IoT devices to detect any odd behavior such as pings to external servers. A full list of recommendations can be found on the Microsoft Research Center blog.

Working For Notebookcheck

Are you a techie who knows how to write? Then join our Team! Especially English native speakers welcome!

Currently wanted: 
News and Editorial Editor - Details here

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2019 08 > Microsoft security researchers discover new cyber attack through Internet of Things connected devices
Sam Medley, 2019-08- 6 (Update: 2019-08- 6)
Sam Medley
Sam Medley - Review Editor - @samuel_medley
I've been a "tech-head" my entire life. After graduating college with a degree in Mathematics, I worked in finance and banking a few years before taking a job as a Systems Analyst for my local school district. I started working with Notebookcheck in October of 2016 and have enjoyed writing news articles and notebook reviews. My areas of interest include the business side of technology, retro gaming, Linux, and innovative gadgets. When I'm not hunched over an electronic device or writing code for a new database, I'm either outside with my family, playing a decade-old video game, or sitting behind a drum set.