Criminals Weaponize Open Source Tools, Target IoT

Cyber-criminals have grown more sophisticated in their unyielding attempts to compromise internet of things (IoT) devices, according to Fortinet’s Global Threat Landscape Report.

The latest quarterly report indicates the changing vicissitudes of the threat landscape, with the exploit index reaching an all-time high in the Q4 2018, just after experiencing a decline in nefarious internet activity toward the end of the previous quarter. The report also found that the convergence of the cyber and physical worlds has opened the door for new types of attacks, as malicious actors are manipulating open source malware tools.

While open source tools have their benefits, they can also be weaponized when put in the wrong hands. “Because these resources are available to anyone, attackers new and old are using them for nefarious activities, which is contributing to the growth of malware threats. Some of these freely available malware tools can be weaponized very easily,” researchers wrote.

In addition, cyber-criminals put forth a lot of effort in exploiting vulnerabilities in IoT devices. According to the survey, the number of exploits per firm rose to 10%. “At the same time, botnets became more complex and harder to detect,” researchers wrote.

Data analysis of the quarter’s activity also reflected that the time for infection of botnets increased by 15%. Botnet attacks are particularly problematic as they are able to communicate with remote malicious hosts once they infect a system.

“The age of cy-phy – the convergence of cybersecurity things and physical spaces – is here. Although the appeal of this convergence to our digital economy is almost sci-fi in terms of imagination, unfortunately the cybersecurity risks are very real,” said Phil Quade, chief information security officer, Fortinet.

“Cyber-criminals are closely watching and developing exploits that target this emerging digital convergence. Fundamental elements of cybersecurity, including visibility, automation and agile segmentation, are more critical than ever to enable us to thrive in our cy-phy digital future and to protect us against the malicious activities of our cyber adversaries.”

What’s hot on Infosecurity Magazine?