Kaspersky Lab researchers spoke about hundreds of advertisements found on the darknet for the sale of services for carrying out DDoS attacks using smart devices, competition between attackers for control of infected gadgets.
According to analysts from the Kaspersky Digital Footprint Intelligence service, one of the most popular services on the darknet related to the Internet of things is DDoS. Mentions of botnets based on smart devices, which are used to carry out such attacks, have become more common in advertisements on various shadow forums. In just the first half of 2023, analysts from the Kaspersky Digital Footprint Intelligence service found more than 700 such advertisements on the darknet.
The price of this service depends on many factors that influence the complexity of the attack, including: whether the victim has DDoS protection, the presence of captcha and JavaScript verification. In total, the cost of the attack varies from $20 per day to $10 thousand per month. On average, in the advertisements studied, such a service was offered for $63.5 per day or $1,350 per month.
The spectrum of threats for connected devices. Other types of malware targeting the Internet of Things include ransomware, miners, and DNS server changers. Sometimes infected devices are used as proxy servers—intermediate nodes on the Internet that redirect the attacker’s traffic through themselves, thus making it difficult to track.
The most common method of infecting smart devices is brute-forcing passwords for services using the Telnet and SSH protocols. Thus, in the first half of 2023, 97.91% of recorded attempts to brute-force passwords recorded by honeypots – special traps for attackers – were aimed at the Telnet protocol and 2.09% – at SSH.
To protect industrial and consumer IoT devices from cyber threats, the company recommends that businesses:
- regularly conduct security assessments of OT systems to identify and resolve potential problems;
- use solutions for monitoring, analyzing and detecting network traffic on industrial computers to improve the effectiveness of protection against cyber attacks that potentially threaten the technological process and the main assets of the enterprise;
- protect both industrial and enterprise devices;
- when purchasing smart home devices, change the default passwords to more complex ones.