Russian hackers targeting IoT devices to penetrate corporate networks, warns Microsoft. A hacking group linked to the Russian state has been observed targeting Internet-of-things (IoT) devices in a bid to breach secure corporate networks. Microsoft claimed in a blog post that its Threat Intelligence Centre detected multiple attempts from Russia-linked Strontium group – also known as ‘Fancy Bear’ – in April to target VoIP phones, digital video recorders and printers. Hackers tried to attack IoT devices at multiple locations and attempted to use those devices as soft points to gain entry into larger corporate networks.
In two cases, the devices carried factory security settings, such as default passwords, making for easy entry. In a third case, the device was found to be using outdated firmware with known vulnerabilities
After gaining access to the devices, the attackers used them to compromise other vulnerable devices/machines on the network. Some simple scans enabled them to move across the network and gain access to “higher-privileged accounts that would grant access to higher-value data”.
If you would like to
- Learn about the security issues, risks, threats and vulnerabilities associated with IoT systems and connected devices.
- Gain an understanding IoT security best practice.
- Meet Leading experts and companies offering security products, solutions and services.
Read full article from Computing here: