nach oben

Erschienen in:

2022 | OriginalPaper | Buchkapitel

17. Cyber-Attacks on Internet of Things (IoT) Devices, Attack Vectors, and Remedies: A Position Paper

verfasst von : Shubham Prajapati, Amit Singh

Erschienen in: IoT and Cloud Computing for Societal Good

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

With the upgrade of ICT infrastructure at a rocketed pace, diversification of applications and involvement of the Internet have increased. This evolution has led to the production, development, and implementation of various smart software/hardware solutions in multiple dimensions to make the process faster, smooth, accessible, and inclusive. The story of IoT (Internet of things) is a game-changer in several fields at different levels, starting from an office to home and industries. The term IoT was coined in 1999 by Kevin Ashton, since then it has seen an exponential growth, and now it has become ubiquitous. IoT may be summarized as the group of interrelated/interconnected devices embedded with sensors, software, actuator, and technology over the network for exchanging the data over the Internet without human involvement. Like any other technology, IoT has its pros and cons. In the last decade, cyber criminals have exploited many attack vectors, several of which can be used to exploit and launch attacks on IoT devices too. IoT attacks have increased substantially over the years, and there has been a jump of 900% in such attacks in 2019. Due to various constraints, IoT solutions don’t possess traditional security solutions or mechanisms to identify anomalies. Multiple security issues in IoT devices are persistent because of the limitation of computational power, hardware, and storage. These limitations make IoT devices more prone to cyber-attacks. IoT cyber-attacks are ranging from DDoS, MITM, brute-forcing, eavesdropping, privilege scaling to more sophisticated ransomware attacks and many more. This chapter will discuss multiple cyber-attacks, their mechanisms and TTPs, along with their impact on IoT infrastructure. This will also include security flaws that were exploited and related challenges in a holistic way at a single place. Statistical data leading to trend analysis along with shares of various attack campaigns shall also be highlighted in this study to give the readers more insight. In order to overcome these issues, remedial measures and mitigation policies will also be discussed.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel Enhancing Security in IoT Instruments Using Artificial Intelligence

Nächstes Kapitel Privacy-Secure Link Utilization Routing Algorithm (PSLU) for Improving Performance in IoT and Cloud Computing

Fortune Business Insights report., https://www.fortunebusinessinsights.com/industry-reports/internet-of-things-iot-market-100307. Last accessed 13 Nov 2020

Gartner, Inc. report (2019), https://www.gartner.com/en/newsroom/press-releases/2019-08-29-gartner-says-5-8-billion-enterprise-and-automotive-io. Last accessed 11 Nov 2020

Gartner, Inc. report (2018), https://www.gartner.com/en/newsroom/press-releases/2018-11-07-gartner-identifies-top-10-strategic-iot-technologies-and-trends. Last accessed 06 Nov 2020

G.D. Maayan, Security today article. The IoT Rundown for 2020: Stats, Risks, and Solutions. (2020), https://securitytoday.com/Articles/2020/01/13/The-IoT-Rundown-for-2020.aspx? Page=1. Last accessed 08 Nov 2020

OWASP Internet of Things Project, https://wiki.owasp.org/index.php/OWASP_Internet_of_ Things_Project#tab=IoT_Top_10. Last accessed 08 Nov 2020

Unit 42 (Palo Alto Networks) IoT threat report/white paper (2020), https://iotbusinessnews.com/download/white-papers/UNIT42-IoT-Threat-Report.pdf. Last accessed 10 Nov 2020

Attack Landscape H1 2020. Blog F-Secure. https://blog-assets.f-secure.com/wp-content/uploads/2020/09/17142720/F-Secure-attack-landscape-h12020.pdf. Last accessed 14 Nov 2020

EternalBlue (CVE-2017-0144). https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0144

EternalRed (CVE-2017-7494). https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7494

10.

K. Angrishi, Turning Internet of Things (IoT) into Internet of Vulnerabilities (IoV): IoT Botnets. arXiv:1702.03681v1 [cs.NI]. https://arxiv.org/pdf/1702.03681.pdf, Pages 5–7, 9. (2017)

11.

Trend Micro Security news. Into the Battlefield: A Security Guide to IoT Botnets (2019), https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/into-the-battlefield-a- security-guide-to-iot-botnets#:~:text=LuaBot%20is%20notable%20for%20being,conducted %20application%20level%20DDoS%20attacks. Last accessed 12 Nov 2020

12.

P. Macgregor., insecurety.net news. Hydra IRC bot, the 25 minute overview of the kit. http://insecurety.net/hydra-irc-bot-the-25-minute-overview-of-the-kit/. Last accessed 13 Nov 2020

13.

I. Paul, PCWorld article. Nasty new worm targets home routers, cable modems. (2009), https://www.pcworld.com/article/161941/nasty_worm_targets_home_networks.html. Last accessed 04 Nov 2020

14.

Dronebl Blog. https://www.dronebl.org/blog/8

15.

C. Guevarra, Blog Trend Micro. Botnet Rises in the Name of Chuck Norris. (2010), https://blog.trendmicro.com/trendlabs-security-intelligence/botnet-rises-in-the-name-of-chuck -norris/?_ga=2.95967583.233007207.1604856463-1391622009.1604698086. Last accessed 14 Nov 2020

16.

Microsoft Security Bulletin MS03-039 – Critical (10/09/2003), https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-039. Last accessed 14 Nov 2020

17.

NJCCIC Threat Profile (2016), https://www.cyber.nj.gov/threat-center/threat-profiles/botnet-variants/aidra-botnet. Last accessed 10 Nov 2020

18.

I Thomson, The Register. Researcher sets up illegal 420,000 node botnet for IPv4 internet map. (2013), https://www.theregister.com/2013/03/19/carna_botnet_ipv4_internet_map/. Last accessed 10 Nov 2020

19.

Internet Census 2012. Port scanning /0 using insecure embedded devices. https://web.archive.org/web/20130325080636/http://internetcensus2012.bitbucket.org/paper.html. Last accessed 11 Nov 2020

20.

Broadcom Community, IoT worm used to mine cryptocurrency. (2014),https://community.broadcom.com/symantecenterprise/communities/community-home/libra rydocuments/viewdocument?DocumentKey=00fcdbad-954d-42ff-af50-4d74001bdcbb&Co mmunityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments. Last accessed 10 Nov 2020

21.

S. Schick, SecurityIntelligence news. Linux.Wifatch: The router virus that may be secretly defending you from other Malware. (2015), https://securityintelligence.com/news/linux-wifatch-the-router-virus-that-may-be-secretly-defending-you-from-other-malware/. Last accessed 11 Nov 2020

22.

Broadcom Community, Is there an Internet-of-Things vigilante out there? (2015), https://community.broadcom.com/symantecenterprise/communities/community-home/library documents/viewdocument?DocumentKey=ef23b297-5cc6-4c4a-b2e7-ff4163596S5fe&Comm unityKey=1ecf5f55-9545-44d6-b0f4-4e4a7f5f5e68&tab=librarydocuments. Last accessed 10 Nov 2020

23.

Akamai [state-of-the-internet] Threat-advisory., https://www.akamai.com/fr/fr/multimedia/documents/state-of-the-internet/spike-ddos-toolkit-threat-advisory.pdf. Last accessed 14 Nov 2020

24.

T.H. Phu, K.H. Dang, D.N. Quoc, N.T. Dai, Binh NN. A novel framework to classify malware in MIPS architecture-Based IoT devices”. (2019). Editor: Genge Bela (academic). https://www.hindawi.com/journals/scn/2019/4073940/. https://doi.org/10.1155/2019/4073940

25.

M. Vicente, B. Gelera, A. Remillano II, C. Toyama, J. Urbanec, TrendMicro News. Bashlite updated with mining and backdoor commands. (2019), https://www.trendmicro.com/en_us/research/19/d/bashlite-iot-malware-updated-with-mining-and-backdoor-commands-targets-wemo-devices.html?_ga=2.24141561.233007207.1604856463-1391622009.1604698086. Last accessed 14 Nov 2020

26.

L. Loeb, SecurityIntelligence news. BASHLITE malware uses IoT for DDoS attacks. (2016), https://securityintelligence.com/news/bashlite-malware-uses-iot-for-ddos-attacks/. Last accessed 10 Nov 2020

27.

D. Voolf, S. Boddy, R. Cohen, S. Vinberg, F5-Labs Article. Gafgyt Targeting Huawei and Asus Routers and Killing Off Rival IoT Botnets. (2019), https://www.f5.com/labs/articles/threat-intelligence/gafgyt-targeting-huawei-and-asus-routers-and-killing-off-rival-iot-botnets. Last accessed 14 Nov 2020

28.

W. Ashford., ComputerWeekly.com news. LizardStresser IoT botnet launches 400Gbps DDoS attack. (2016), https://www.computerweekly.com/news/450299445/LizardStresser-IoT-botnet-launches-400Gbps-DDoS-attack. Last accessed 10 Nov 2020

29.

P. Paganini, Security Affairs Article. A new BASHLITE variant infects devices running BusyBox. (2014), http://securityaffairs.co/wordpress/30225/cyber-crime/bashlite-exploits-shellshock.html. Last accessed 11 Nov 2020

30.

The MalwareMustDie Blog (2016), https://blog.malwaremustdie.org/2016/09/mmd-0057-2016-new-elf-botnet-linuxluabot.html. Last accessed 09 Nov 2020

31.

P. Paganini, Security Affairs news. The Linux Remaiten malware is building a Botnet of IoT devices. (2016), http://securityaffairs.co/wordpress/45820/iot/linux-remaiten-iot-botnet.html, Last accessed 09/11/2020

32.

M. Malik, M-E. Léveillé, ESET. Meet Remaiten – a Linux bot on steroids targeting routers and potentially other IoT devices. (2016), https://www.welivesecurity.com/2016/03/30/meet-remaiten-a-linux-bot-on-steroids-targeting-routers-and-potentially-other-iot-devices/. Last ac- cessed 13 Nov 2020

33.

E. Bursztein, The Cloudflare blog. Inside the infamous Mirai IoT Botnet: A retrospective analysis. (2017), https://blog.cloudflare.com/inside-mirai-the-infamous-iot-botnet-a-ret rospective-analysis/#:~:text=By%20the%20end%20of%20its,infected%20over%20600%2C0 00%20IoT%20devices. Last accessed 14 Nov 2020

34.

C. Kolias, G. Kambourakis, DDoS in the IoT: Mirai and other botnets. (2017), https://www.researchgate.net/profile/Constantinos_Kolias/publication/318288727_DDoS_in_ the_IoT_Mirai_and_other_botnets/links/59dba11a458515e9ab451487/DDoS-in-the-IoT-Mir ai-and-other-botnets.pdf. Last accessed 13 Nov 2020

35.

Krebs B, KrebsOnSecurity, KrebsOnSecurity Hit With Record DDoS. (2016), https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/. Last accessed 14 Nov 2020

36.

D. Goodin, ars TECHNICA article. Record-breaking DDoS reportedly delivered by >145K hacked cameras. (2016), https://arstechnica.com/information-technology/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/. Last accessed 14 Nov 2020

37.

C. Williams, The Register. Today the web was broken by countless hacked devices – your 60-second summary. (2016), https://www.theregister.com/2016/10/21/dyn_dns_ddos_explained. Last accessed 11 Nov 2020

38.

B. Krebs, KrebsOnSecurity. Did the Mirai botnet really take Liberia offline? (2016), https://krebsonsecurity.com/2016/11/did-the-mirai-botnet-really-take-liberia-offline/. Last accessed 14 Nov 2020

39.

S. Moss, Data Centre Dynamics. DDoS attack knocks out Finnish heating. (2016), https://www.datacenterdynamics.com/en/news/ddos-attack-knocks-out-finnish-heating/. Last accessed 14 Nov 2020

40.

J. Kirk, Bank Info security news. Mirai botnet knocks out Deutsche Telekom Routers. (2016), https://www.bankinfosecurity.com/mirai-botnet-knocks-out-deutsche-telekom-routers-a-9565. Last accessed 14 Nov 2020

41.

T. Yeh, D. Chiu, K. Lu, Trend micro alert news. Persirai: New IoT botnet targets IP cameras. (2017), https://www.trendmicro.com/en_us/research/17/e/persirai-new-internet-things-iot-botnet-targets-ip-cameras.html. Last accessed 14/11/2020

42.

P. Kim, Github blog. (2017), https://pierrekim.github.io/blog/2017-03-08-camera-goahead-0day.html. Last accessed 14 Nov 2020

43.

Radware Threat Advisory, BrickerBot results in PDoS attack. (2017), https://security.radware.com/ddos-threats-attacks/brickerbot-pdos-permanent-denial-of-service/. Last accessed 14 Nov 2020

44.

Trend Micro Security News, BrickerBot malware emerges, permanently bricks IoT devices. (2017), https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/brickerbot-malware-permanently-bricks-iot-devices. Last accessed 14 Nov 2020

45.

360 NetLab Blog (2017), https://blog.netlab.360.com/iot_reaper-a-rappid-spreading-new-iot-botnet-en/. Last accessed 08 Nov 2020

46.

Check Point Research, A new IoT botnet storm is coming. (2017), https://research.checkpoint.com/new-iot-botnet-storm-coming/. Last accessed 10 Nov 2020

47.

Malpedia News., https://malpedia.caad.fkie.fraunhofer.de/details/elf.satori. Last accessed 14 Nov 2020

48.

360 NetLab Blog (2017), https://blog.netlab.360.com/warning-satori-a-new-mirai-variant-is-spreading-in-worm-style-on-port-37215-and-52869-en/. Last accessed 14 Nov 2020

49.

J. Leyden, The Register. Mysterious Hajime botnet has pwned 300,000 IoT devices. (2017), https://www.theregister.com/2017/04/27/hajime_iot_botnet/. Last accessed 14 Nov 2020

50.

Kaspersky/Press- release (2017), https://www.kaspersky.com/about/press-releases/2017_ 300000-obeying-devices-hajime-is-conquering-the-internet-of-things-world. Last accessed 14 Nov 2020

51.

D. Macmillen, W. Gao, C. Debeck, Security intelligence post. A new botnet attack just mozied into town. (2020), https://securityintelligence.com/posts/botnet-attack-mozi-mozied-into-town/. Last accessed 14 Nov 2020

52.

360 NetLab Blog (2019), https://blog.netlab.360.com/mozi-another-botnet-using-dht/. Last accessed 14 Nov 2020

53.

Cynet report. https://www.cynet.com/endpoint-protection-and-edr/edr-cybersecurity-unlocking-the-black-box-of-endpoint-protection/. Last accessed 14 Nov 2020

54.

A. Costin, J. Zaddach, BlackHat, USA (2018), https://i.blackhat.com/us-18/Thu-August-9/us-18-Costin-Zaddach-IoT-Malware-Comprehensive-Survey-Analysis-Framework-and-Case-Studies-wp.pdf

55.

Z. Whittaker, ZDNet Article. Fear the Reaper? Experts reassess the botnet’s size and firepower. (2017), https://www.zdnet.com/article/reaper-botnet-experts-reassess-size-and-firepower/. Last accessed 25 Nov 2020

56.

D. Holmes, J. Shuttuck, F5 Labs. Blog reaper: The professional bot Herder’s thingbot. (2017), https://www.f5.com/labs/articles/threat-intelligence/reaper-the-professional-bot-herders-thing bot#:~:text=Size%20and%20Position,nearly%2085%2C000%20devices%20per%20day. Last accessed 25 Nov 2020

57.

EMnify Article, “Iot for all” IoT attacks, hacker motivations, and recommended countermeasures. (2020), https://www.iotforall.com/iot-attacks-hacker-motivation#:~:text= IoT%20attacks%20increased%20by%20900%25%20in%202019.&text=Multiple%20devices %20with%20the%20same,owners%20deploy%20their%20machines%20remotely, Last acc-essed 14/11/2020

Titel: Cyber-Attacks on Internet of Things (IoT) Devices, Attack Vectors, and Remedies: A Position Paper
verfasst von: Shubham Prajapati
Amit Singh
Verlag: Springer International Publishing
Buch: IoT and Cloud Computing for Societal Good
Print ISBN: 978-3-030-73884-6

Electronic ISBN: 978-3-030-73885-3

Copyright-Jahr: 2022
DOI: https://doi.org/10.1007/978-3-030-73885-3_17

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner