Increase in Targeting of IoT Devices
The NJCCIC has detected an increase in attempts by threat actors to exploit vulnerabilities in a variety of internet-of-things (IoT) devices, including routers and internet-connected cameras. IoT devices are commonly and frequently targeted by threat actors as they are often left outdated and unpatched with default or weak credentials that are easily obtained, allowing actors to take control of these devices. Compromised IoT devices are often joined to a botnet and used to conduct various cyber-attacks, such as distributed denial-of-service (DDoS) attacks. When these devices are left open to the internet, they are at particular risk of targeting. This exposure creates a considerable security risk for these devices as malicious actors could potentially brute-force the login credentials, gain administrative access, replace the firmware with malware, and use the devices to conduct various types of attacks against additional victims. The NJCCIC recommends users and administrators of IoT devices ensure they establish strong passwords, enable multi-factor authentication where available, place these devices behind a firewall, and consider decommissioning the use of devices that have permanent, hard-coded vulnerabilities that cannot or will not be patched by the vendor or manufacturer.