View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 23, 2016updated 13 Jan 2017 12:04pm

Boom in IoT cyber attacks as hackers use malware to hijack devices

Weak password combinations are allowing hackers to use IoT devices for DDoS attacks.

By Alexander Sword

Symantec research has found that hackers are increasingly taking control of poor security on Internet of Things (IoT) devices in order to hijack them for DDoS attacks.

The research found that 2015 was a record year for IoT attacks, with eight new IoT malware types being discovered. In 2013 there were two and in 2014 there were three.

In 2016, the number of new IoT malware families fell to two, although Symantec found that much of the malware from 2015 was still active.

The most common passwords used by the malware to hack into the IoT devices was the combination of ‘root’ for the username and ‘admin’ for the password. Other common combinations included the reversal of these, as well as combinations involving the word ‘password’, number combinations such as 1234 and keyboard combinations such as ‘qwerty’.

The combination of ‘raspberry’ and ‘pi’, the default credentials on the Raspberry Pi, was also common, indicating attackers are focusing on this platform.

According to the research, the most common attacks came from China, accounting for 34 percent, and the US, accounting for 28 percent.

The report follows a possible real-world example of an IoT botnet in action: the security blog KrebsOnSecurity was hit by a large-scale DDoS attack which owner Brian Krebs suggested had come from an IoT botnet.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The site was hit by a DDoS attack of around 620 Gbps on 20 September, which seemed to use a very large botnet of hacked devices: possibly hundreds of thousands of systems.

Brian Krebs said that there were some signs that the attack had used a botnet that had captured a large number of Internet of Things (IoT) devices. This means that hackers might have exploited weak or default passwords in routers and internet-connected devices in order to turn them against the site.

Topics in this article : , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.