Abstract
As ICT infrastructure has been upgraded at a rapid pace, applications have diversified and reliance on the Internet has increased. This evolution has led to the production, development, and implementation of various smart software/hardware solutions in multiple dimensions to make processes faster, smoother, more accessible, and more inclusive. The Internet of Things (IoT) has been a game-changer in several fields at different levels, from offices to homes and industries. The term IoT was coined in 1999 by Kevin Ashton; since then it has seen exponential growth and has now become ubiquitous. IoT may be summarized as a group of interrelated, interconnected devices embedded with sensors, software, actuators, and other technology that exchange data over the Internet without human involvement. Like any other technology, IoT has its pros and cons. In the last decade, cyber criminals have exploited many attack vectors, several of which can also be used to exploit and launch attacks on IoT devices. IoT attacks have increased substantially over the years, and such attacks jumped by 900% in 2019. Due to various constraints, IoT solutions do not have traditional security solutions or mechanisms to identify anomalies. Multiple security issues persist in IoT devices because of their limited computational power, hardware, and storage. These limitations make IoT devices more prone to cyber-attacks. IoT cyber-attacks range from DDoS, MITM, brute-forcing, eavesdropping, and privilege escalation to more sophisticated ransomware attacks, among many others. This chapter will discuss multiple cyber-attacks, their mechanisms and TTPs, along with their impact on IoT infrastructure. It will also cover the security flaws that were exploited and the related challenges, holistically and in one place.
Statistical data leading to trend analysis, along with the shares of various attack campaigns, will also be highlighted in this study to give readers more insight. To overcome these issues, remedial measures and mitigation policies will also be discussed.
Copyright information
© 2022 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Prajapati, S., Singh, A. (2022). Cyber-Attacks on Internet of Things (IoT) Devices, Attack Vectors, and Remedies: A Position Paper. In: Verma, J.K., Saxena, D., González-Prida, V. (eds) IoT and Cloud Computing for Societal Good. EAI/Springer Innovations in Communication and Computing. Springer, Cham. https://doi.org/10.1007/978-3-030-73885-3_17
DOI: https://doi.org/10.1007/978-3-030-73885-3_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-73884-6
Online ISBN: 978-3-030-73885-3
eBook Packages: Engineering, Engineering (R0)