In another sign of the growing threat posed by compromised smart devices, the update late last week claimed that attackers are using them as proxies to maintain anonymity and obfuscate network traffic.
Doing so enables them to engage in click fraud, trade illegal goods, send spam emails, and mask their internet browsing. IoT devices can also be conscripted into botnets which can be rented out, sold or used directly for credential stuffing and other attacks, the alert claimed.
The FBI warned of several warning signs that users’ smart devices may have been taken over: a major spike in monthly internet usage, high ISP bills, slow or inoperable devices, unusual outgoing DNS queries and traffic and slow internet connections.
Everything from routers and NAS devices to DVRs, Raspberry Pis, and even smart garage door openers could be at risk.
“Devices in developed nations are particularly attractive targets because they allow access to many business websites that block traffic from suspicious or foreign IP addresses. Cyber actors use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic,” the notice continued.
“Cyber actors typically compromise devices with weak authentication, unpatched firmware or other software vulnerabilities, or employ brute force attacks on devices with default usernames and passwords.”
The risks posed by insecure consumer IoT devices have long been known — ever since the Mirai botnet DDoS-ed a string of big-name sites back in 2016. But with an estimated 20.4 billion connected ‘things’ in operation by 2020, the threat continues to rise.
That’s why the British Standards Institution launched a kitemark initiative earlier this year, in a bid to improve the baseline security of products by helping buyers to better identify smart devices they can trust to be reliable and secure.
In the meantime, the FBI urged users to reboot devices regularly, change default log-ins, use AV, ensure they’re up-to-date with patches, and isolate IoT devices from other network connections.