How To Hack The Kremlin? Cameras, Of Course.

Blog

How To Hack The Kremlin? Cameras, Of Course.

Hackers have many types of attack vectors at their disposal when launching a cyberwar; there are over 170,000 known vulnerabilities that can be exploited in attacks against a wide range of devices and systems. So many that it raises the question of where do threat actors start in choosing what vulnerabilities to exploit? When the hacker group Anonymous announced they were declaring a cyberwar against Russia in response to their invasion of Ukraine it presented a real-life answer to which cyber weapons would you choose to go to war with. And no surprise, the attacks involved exploiting vulnerable IP cameras. Starting in early March, Anonymous has hacked into hundreds of IP cameras in Russia, including inside the Kremlin, and has used that access to distribute messages to the Russian people, gain military reconnaissance, and move laterally to impact other systems. Those efforts are continuing and expanding as this blog is being written.

 

The lesson from Anonymous’s choice of cyber weaponry is clear: cyber hygiene of IoT devices should be a top priority for minimizing the number and impact of cyber attacks. If Anonymous is currently leveraging vulnerable IoT devices like IP cameras, more than likely cyber criminals trying to attack your organization will try to do the same.

In dissecting Anonymous’s targeting of IoT devices, let’s start with why IoT and not just IT systems. Historically, many cyber attacks were aimed at datacenters and IT devices and therefore most cyber defenses were designed to secure IT systems. But starting about 4 years ago the number of cyber vulnerabilities impacting IoT devices started to exceed that those aimed at IT systems, a trend that continues today. Hackers also know that agent-based IT security solutions do not work on IoT devices; they have non-standard operating systems and can’t support agents running on them, making them harder to defend. IoT devices existing at 5x to 20x the scale of IT devices in organizations. And many IoT systems are managed by the line of business, such as facilities, physical security, manufacturing, and so forth – teams that traditionally have not had to be responsible for cyber security. Because IP-based IoT devices are network connected, they also offer threat actors opportunities to laterally move into corporate networks. In short, lower defenses, larger size of attack surface, and a direct path to data exfiltration and deployment of malware make IoT devices attractive to hackers of all kinds, including Anonymous.

IoT of course has a broad range of device types, from IP cameras to printers to smart building systems and hundreds more. But within the IoT landscape the IP cameras are the low-hanging fruit for cyber attacks. Palo Alto Network’s Unit 42 in 2021 report that the least secure devices in an organization were the IP cameras (33% of security issues), followed by printers (24% of security issues). In other words, if you are concerned about IoT cyber security, start with the IP cameras (like threat actors will).

While this example of IoT being exploited by threat actors comes from today’s events, there has been too many warning signs to call this a wake-up call. In the 2018 suspense novel “The President is Missing” a major plot theme involves terrorists leveraging IoT cyber vulnerabilities. In 2018 a Las Vegas casino had it’s “high roller” database stolen, through cyber criminals exploiting a vulnerable fish tank thermometer. And across this past year we’ve seen gas pipelines, water control systems, and healthcare devices compromised and exploited; IoT stories like these are on the rise. It’s also worth noting the ironic twist to Anonymous leveraging vulnerable IoT devices; this technique has been heavily used by the Russians themselves who have been running botnets off of IoT devices for quite some time to deploy malware, distribute spam, and perform data exfiltration.

Ready to defend yourself against Anonymous or any other hacker looking to exploit your IoT devices? Check out the Viakoo Action Platform, the leading IoT cyber hygiene solution, with automated firmware updating for vulnerability remediation, certificate management to extend Zero Trust to IoT, and automated password policy enforcement. Sign up here for a demo and see how quickly and easily you can reduce your IoT attack surface.

Enterprise IoT Security Solutions

IoT Cybersecurity
Zero-Trust Model
IoT Compliance
IoT Device Remediation

IoT Device Security Platform Datasheets

Enterprise IoT device security
IoT Device Security
Enterprise IoT device firmware platform
Firmware Management
Enterprise certificate management platform
Certificate Management
IoT device password management
Password Management

Share this

Recent Posts
Awards - Briefs - Solutions
Viakoo Honored as Next Gen IoT Security Winner in Cyber Defense Magazine's 2023 Global InfoSec Awards
SINET-award-2022
IoT breakthrough award
viakoo wins 2022 global 100
armis and Viakoo end to end cyber security protection

Viakoo, Inc.
650 Castro St. Suite 120-203
Mountain View, CA 94041
(650) 263-8225
[email protected]

Support
Phone: (650)263-8225
Email: [email protected]

Get the Latest from Viakoo

Solutions

Device Remediation

IoT Ecosystem Security

IoT Device Security

Zero Trust Environments

Zero Trust Model

Compliance and Reporting

IoT Cybersecurity

OT Cybersecurity

Products

The Viakoo Architecture

Viakoo Action Platform

Device Firmware Manager

Device Certificate Manager

Device Password Manager

Service Assurance Manager

 

Resources

Blog
Webinars on Demand
Video
White Papers
Data Sheets
Case Studies

Company

About Us
Newsroom
Careers
Contact Us

Request a Demo
Linkedin Twitter


SOC-2 Certification
Viakoo is certified to the highest level of datacenter security

© 2023 Viakoo Inc All rights reserved.

Privacy Policy | SOC-2 | Terms & ConditionsResponsible Disclosure Policy | Whistleblower Process