Overwhelmingly, Thais embrace the Internet of Things

Today, they still might not recognise the term, but they’ve overwhelmingly embraced it. Many could name a half-dozen ways they use it daily, whether they’re commanding Alexa to set an alarm, play music, or create a To-Do list; remote-controlling their home’s lighting, door locks, and thermostat; uploading health stats (like blood pressure or blood sugar data) directly to their doctor from a fitness app; scanning empty grocery items to automatically re-order online, or (gasp) watching security camera video feeds in real time as their homes are being burglarised. 
From the innocence of the first Internet-connected device – a toaster – to today’s sensors that control our most critical infrastructure, the IoT represents one of the most sweeping technological disrupters of our time, connecting the physical world to the virtual world. It is reshaping business and manufacturing as well as the way we, as consumers, approach life, work, and play. 
Today, there are already an estimated 8.4 billion IoT devices in use, and that number is expected to reach over 20 billion by 2020. This inexorable march we’re making toward a fully device-connected world, not just an Internet-connected world, is proving to be as dangerous as it is enticing. Many consumers would be shocked to learn that some of their own IoT devices – IP cameras, DVRs, and home routers – might already be compromised. They could conceivably have been used as pawns in large botnets like Mirai, which took down hosting provider Dyn, and ultimately web giants like Twitter, Netflix, the Guardian, Reddit, and CNN in late 2016.
According to F5’s latest report: Threat Analysis: The Hunt for IoT – the Rise of Thingbots, IoT devices are becoming the “cyberweapon delivery system of choice” by today’s botnet-building attackers. And, why not? There are literally billions of them in the world, most of which are readily accessible via Telnet and easily hacked due to lack of security controls. Why would attackers rent expensive resources in hosting environments to build their botnets when so many devices are “free” for the taking? 
Here are the key findings based on analysis of data collected between January 1 through June 30:
Telnet attack activity grew 280 per |cent from the previous period, which included massive growth due to the Mirai malware |and subsequent attacks.
The level of attacking activity at the time of publishing doesn’t equate to the current size of Mirai or Persirai, indicating there are other thingbots being built that we don’t yet know about. Since there haven’t been any massive attacks post Mirai, it’s likely these thingbots are just ready and waiting to unleash their next round of attacks.
Although IoT devices are known for launching DDoS attacks, they’re also being used in vigilante thingbots to take out vulnerable IoT infrastructure before they are used in attacks and to host banking trojan infrastructure. IoT devices have also been subject to hacktivism attacks, and are the target of nation-state cyber warfare attacks. 
As we see in this report with Persirai, attackers are now building thingbots based on specific disclosed vulnerabilities rather than having to launch a large recon scan followed by brute forcing credentials.
From a manufacturing and security perspective, the state of IoT devices has not changed, nor did we expect it to. In the short term, IoT devices will continue to be one of the most highly exploitable tools in attackers’ cyber-arsenals. We will continue to see massive thingbots being built until IoT manufacturers are forced to secure these devices. 
In the meantime, responsible organisations can do their best to protect themselves by having a DDoS strategy in place, ensuring redundancy for critical services, implementing credential stuffing solutions, and continually educating employees about the potential dangers of IoT devices and how to use them safely.

Contributed by WATCHARA JIRACHAROENSUWAN, Country Manager, F5 Networks (Thailand)