IT disaster recovery, cloud computing and information security news

FBI warns about the use of Internet of Things devices as proxies by cyber actors

The US FBI is warning organizations to be aware that cyber actors actively search for and compromise vulnerable Internet of Things (IoT) devices for use as proxies or intermediaries for Internet requests to route malicious traffic for cyber-attacks and computer network exploitation.

IoT proxy servers are attractive to malicious cyber actors because they provide a layer of anonymity by transmitting all Internet requests through the victim device’s IP address. Devices in developed nations are particularly attractive targets because they allow access to many business websites that block traffic from suspicious or foreign IP addresses. Cyber actors use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic.

The FBI recommends the following protective steps:

  • Reboot devices regularly, as most malware is stored in memory and removed upon a device reboot. It is important to do this regularly as many actors compete for the same pool of devices and use automated scripts to identify vulnerabilities and infect devices.
  • Change default usernames and passwords.
  • Use anti-virus regularly and ensure it is up to date.
  • Ensure all IoT devices are up to date and security patches are incorporated.
  • Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding.
  • Isolate IoT devices from other network connections.

Read the full warning.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

   

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.