FBI warns about the use of Internet of Things devices as proxies by cyber actors
- Published: Tuesday, 07 August 2018 11:03
The US FBI is warning organizations to be aware that cyber actors actively search for and compromise vulnerable Internet of Things (IoT) devices for use as proxies or intermediaries for Internet requests to route malicious traffic for cyber-attacks and computer network exploitation.
IoT proxy servers are attractive to malicious cyber actors because they provide a layer of anonymity by transmitting all Internet requests through the victim device’s IP address. Devices in developed nations are particularly attractive targets because they allow access to many business websites that block traffic from suspicious or foreign IP addresses. Cyber actors use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic.
The FBI recommends the following protective steps:
- Reboot devices regularly, as most malware is stored in memory and removed upon a device reboot. It is important to do this regularly as many actors compete for the same pool of devices and use automated scripts to identify vulnerabilities and infect devices.
- Change default usernames and passwords.
- Use anti-virus regularly and ensure it is up to date.
- Ensure all IoT devices are up to date and security patches are incorporated.
- Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding.
- Isolate IoT devices from other network connections.