Blog

Preventing of Operation Prowli

Why should we keep talking about IoT (Internet of Things) security? Haven’t we talked about it enough? Nope, it’s like death and taxes, they are just inevitable. In my last column, I talked about ways the IoT is increasing the security of our pipeline infrastructure. Security is always relevant, when we’re talking about the IoT.

Research by McKinsey and Co., suggests if policymakers and businesses can get it right, linking the physical and digital worlds through the IoT could generate up to $11 trillion in economic value per year by 2025.

It’s probably true that there is still some hype surrounding the Internet of Things, but it’s also definitely true that this technology can create real economic value.

We still have some major challenges to solve, however, before the IoT can be as widely adopted as it could and should be. Interoperability is one of these challenges that we have talked a lot about in the column, and another key challenge is security.

So, what’s happening in the world of IoT cybersecurity that we need to know about? Here’s one of the latest stories:

This past April, the GuardiCore, Global Sensor Network reported a group of SSH (secure shell) attacks communicating with a C&C (command and control) server. The attacks were all communicating with the server to download attack tools called “r2r2,” and this caught the Guardicore Global Sensor Network’s attention. Guardicore dubbed this malware campaign “Operation Prowli” and discovered it had been spreading malware and malicious code to servers and Websites across multiple industries, compromising more than 40,000 machines globally.

Operation Prowli targets vulnerable IoT devices, as well as other platforms, and it uses techniques like password-brute forcing and weak configurations to gain access. Prowli takes over legitimate Websites, secretly redirecting traffic to malicious Websites.

Operation Prowli has compromised unsecured IoT devices and tens of thousands of machines by exploiting unsecured Websites and servers. Cryptocurrency mining and traffic manipulation appear to be the instigators’ main monetization strategies so far.

The fear from experts who are studying this latest insidious campaign, though, is that the attackers are collecting victim metadata and leaving back doors that will allow them to wreak more havoc in the future. For instance, it’s possible the attackers could reuse victims’ machines later for other purposes or sell stored data to other nefarious characters.

Prevention of these “Operation Prowli” attacks is going to sound familiar. We need to be using strong passwords and keeping our enterprise software up to date. Obviously, this is easier said than done, but in the enterprise world, if you’re leveraging connected devices, it’s essential that you do what it takes to secure your devices and your data.

Another breach you may have heard about recently is the one at Adidas. Adidas announced at the end of last month that an “unauthorized party” may have gained access to certain customers’ data who had purchased items on its U.S. Website. Stolen data seems to have included contact information, usernames, and passwords, but no credit cards, at least as far as we know right now. Unfortunately, this type of thing isn’t as rare as it once was. Just recently, we’ve learned about data security incidents affecting companies like Orbitz, Panera Bread, and other businesses you’ve probably done business with on a personal level.

Orbitz, for instance, discovered that at the end of last year, a cyber attacker seems to have gained access to customers’ personal data, including their names, birthdays, phone numbers and email addresses, physical addresses, and, yep—credit card information.

In fact, a company called Sitelock just released a security report, and it’s saying that in Q1 2018, Websites experienced an average of 50 attacks per day, and at any given time, more than 18 million Websites are infected with malware.

It’s distressing to see the number of cyberattacks on the rise. But, if we’re being honest, we all knew this was coming, right? Data can be profitable, and, therefore, where there is data, there will inevitably be hackers trying to gain access to that data.

McKinsey and Co., says one of the main challenges in IoT security is that end users view IoT security as a commodity. It’s an interesting concept, and I agree with them. So, while almost all of us concur that security in the IoT is essential, end users often see it as something that should be a given, and they’re not necessarily willing to pay extra for it. McKinsey and Co.’s research, which reflects the opinions of semiconductor manufacturers, supports this idea, suggesting just 15% of respondents believe their customers would pay a 20%-or-higher premium for enhanced chip security.

Furthermore, more than 40% of respondents said their customers either are unwilling to pay a premium for enhanced chip security at all or they simply expect security costs to decline.

Nothing in life is free, folks, and the disconnect between end users’ expectations for security and their willingness to pay for it is something we need to address if we’re asking manufacturers to build the highest security into their devices. Therefore, it seems if we want security, someone is going to have to pay for it. And this is true whether we’re talking about Website and server security, IoT device security in the enterprise or consumer realms, or in our nation’s infrastructure.

All month long we been writing about the benefits of connecting infrastructure via the IoT. A drawback, one could argue, is cybersecurity. Anything that’s connected could theoretically be hacked, and the last thing we want is our infrastructure being affected by a cyberattack.

IoT solutions can help protect infrastructure from physical security breaches, like I talked about last week with pipeline infrastructure, but we need to rely on highly secure systems so we don’t open ourselves up to different types of breaches.

 Want to tweet about this article? Use hashtags #IoT #M2M #infrastructure #blockchain #security #data #cybersecurity #cyberattack #AI #analytics #machinelearning #bigdata

By |2018-07-24T16:31:42+00:007/25/2018|

Leave A Comment