Cybercriminals using IoT devices to spread malware attacks

A Symantec report has revealed that cybercriminal networks are taking advantage of security shortcomings in Internet of Things (IoT) devices to spread malware and create zombie networks, or botnets, without the knowledge of their device owners.

Symantec’s Security Response team discovered that cybercriminals are hijacking home networks and everyday consumer connected devices to help carry out Distributed Denial of Service (DDoS) attacks on more profitable targets, usually large companies.

A DDoS attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.

More than half of all IoT attacks originate from China and the US, based on the location of IP addresses to launch malware attacks.

High numbers of attacks are also emanating from Germany, the Netherlands, Russia, Ukraine and Vietnam.

According to the report, targeted IoT devices include home networks, routers, modems, CCTV systems and industrial control systems.

As attackers are now highly aware of insufficient IoT security, many pre-programme their malware with commonly used and default passwords, allowing them to easily hijack IoT devices since they are designed to be plugged in and forgotten after basic set-up, the company said in a statement.

Meanwhile, Symantec has also discovered that Ransomware has emerged as one of the most dangerous cyberthreats facing both organizations and consumers, with global losses now likely running to hundreds of millions of dollars.

Symantec in a new report, consumers are the most likely victims of ransomware, accounting for 57 per cent of all infections between January 2015 and April 2016.

Consumer ransomware campaigns are automated, with most attack groups simply attempting to infect as many computers as possible to maximise their returns. As a result, the majority of ransomware variants are designed to attack Windows computers.

“Ransomware can vary from holding treasured family photos, hijacking unfin-ished manuscripts for novels, and blocking access to tax returns, banking records, and other valuable documents to ransom. Moreover, there is no guarantee that paying the ransom will release those padlocks,” the firm stated.

The report said that the perfection of the ransomware business model has created a gold-rush mentality among attackers, as growing numbers seek to cash in. Infection numbers are trending upwards; with the number of new ransomware families discovered annually reaching an all-time high of 100 last year.

All but one of the new ransomware variants discovered in 2016 were crypto-ransomware, compared to around 80 per cent last year. Crypto-ransomware uses unbreakable encryption on the user’s files. If the victim has no back-ups, paying the ransom is the only alternative.