Russian state-sponsored hackers behind IoT cyberattacks, Microsoft says

12:20, 07 August 2019
REUTERS

Security experts from Microsoft's Threat Intelligence Center said that in April they discovered "infrastructure of a known adversary communicating to several external devices", which basically translates to hacking activity across a trio of IoT devices: a VOIP phone, an office printer, and a video decoder, The Inquirer reports.

"The investigation uncovered that an actor had used these devices to gain initial access to corporate networks. In two of the cases, the passwords for the devices were deployed without changing the default manufacturer's passwords and in the third instance the latest security update had not been applied to the device," the researchers said.

And such tempting targets are clearly appealing to Russian hackers, according to Microsoft. The firm's security center found that the IoT attacks it spotted all fed back to a server belonging to the STRONTIUM state-sponsored hacking group, also known as Fancy Bear.

Because Microsoft noticed the IoT hacking at its early stages, it wasn't able to figure out why the hackers were trying to crack into the network. But it did note that the attacks seemed aimed at specific sectors, which would indicate that such attacks are deliberately targeted and have specific cyber objectives.

"Over the last twelve months, Microsoft has delivered nearly 1,400 nation-state notifications to those who have been targeted or compromised by STRONTIUM," the researchers said.

"One in five notifications of STRONTIUM activity were tied to attacks against non-governmental organizations, think tanks, or politically affiliated organizations around the world. The remaining 80% of STRONTIUM attacks have largely targeted organizations in the following sectors: government, IT, military, defense, medicine, education, and engineering."

Microsoft touted various ways to defend against IoT hacks, such as using a separate network for the devices and developing a custom security policy for each IoT gizmo.