It’s no secret that hackers focus on the weakest link on a network to gain entry. A group of skilled hackers did the same in their attempt to compromise a company — targeting a printer.
Microsoft discovered the attack and determined that the connected devices were used as an initial entry point into the victim’s network. Because the intrusion was caught at an early stage, the researchers could not ascertain the attacker’s intention.
“In two of the cases, the passwords for the devices were deployed without changing the default manufacturer’s passwords and in the third instance the latest security update had not been applied to the device,” Microsoft says in a report.
This attack is attributed to a group of advanced hackers Microsoft calls Strontium. They are responsible for multiple cyber-espionage operations across the world, targeting organizations in different fields of activity; their methods are usually innovative, stealthy and very complicated.
However, this time they used a simple way to break in, taking advantage of the same weak security practices normally observed with regular users: default passwords and outdated software. Once attackers gain access to an internal device, they can hop to other computers on the network and look for high-value information.
Most hackers are at least capable of exploiting simple security issues to enslave IoT devices and form botnets, which they use to launch distributed denial-of-service (DDoS) attacks and for other nefarious purposes, such as communication tunnels and malware storage.
The Strontium attack, which Microsoft discovered and thwarted, shows that basic security measures could keep out even a more advanced adversary. Changing the factory login passwords to unique ones locks another door against hackers, as does installing the latest firmware update from the manufacturer.
It’s highly unlikely that Strontium will switch to consumer targets in the future, but cybercriminals are always on the prowl for insecure devices. You can make a hacker’s task more difficult by following some easy steps to increase the security of your IoT devices. Additionally, a hardware security solution at the network level could alert you to vulnerabilities in nodes on the network or weak login passwords, or block exploitation attempts.
Image credit: succo