Cyber Security “Forging a Trust and open Cyberspace” was the theme of the Singapore International Cyber Week 2018, held at SunTec Singapore Convention & Exhibition Centre, 18th – 20th September 2018. Photo Credit: Cyber Security Agency of Singapore – Governmentware 2018
Internet of Threats
By Jane Lo ASM Correspondent
The Fourth Industrial Revolution characterized
Asia, (19th-20th September, Marina Bay Sands
IoTroop/Reaper infected Cisco, TP-Link routers,
by billions of interconnected devices with
Expo & Convention Centre), we learn more about
web cameras.
unprecedented processing power and storage
outages and denial-of-service, breach of digital
capacity underscores the digitalisation wave
data and other threats.
sweeping through modern societies.
The symptoms of the infection were not obvious - many users may not even be aware that their devices were compromised and participated in
The Mirai worm and other case studies
a botnet attack.
health wearables, home security cameras are
Mirai was identified as the malware that matched
– only, for example, mere inconveniences from
becoming increasingly common. Beyond this
the tactics, techniques and procedures in the Dyn
completing an Amazon transaction.
diverse collection of consumer devices are
attack, compromising hundreds of thousands of
commercial applications such as specialised
devices - home routers, security cameras, baby
medical or smart logistics equipment. And
monitors – and bringing down the web in 2016 for
interacting with these devices include cloud
about 8 hours.
Devices such as smart appliances (TVs, refrigerators) connected to our phones,
and cellular technologies powering the digital connectivity.
Some may argue there was no real damage
Mirai brute-forced logins to these devices
But in some cases, there are genuine safety threats. Kaspersky Lab (Natalia Khudoklinova), at Internet of Things World Asia, pointed to a pacemaker manufacturer recalled by the FDA (The
using dictionary attacks, exploiting simple default
Food and Drug Administration) in 2017, which
password settings on devices. Breached devices
revealed that almost half a million devices contain
devices introduces a dynamic and vast cyber
became equipped with the malicious program
potential cyber-security issues.
network. What’s more, the increasing density
and in turn scanned for new victims to be similarly
opens additional entry points for malware to
infected. And so, victim devices carrying the
user could "access a patient's device using
establish foothold and facilitates the spreading
malware multiplied, spreading the infection through
commercially available equipment" and could
of infection.
the cyberspace.
"modify programming commands to the implanted
The rapid expansion of interconnected
In this set-up, voluminous digital data poses
Crossing borders and jurisdictions, the infection
If left unpatched, the FDA said an unauthorized
pacemaker, which could result in patient harm
privacy issues. Security of the infrastructure
effectively built a botnet army from which the actual
from rapid battery depletion or administration of
is also a concern. These risks associated with
denial-of-service attacks were launched. This
inappropriate pacing."
interconnected devices or internet-of-things
botnet attacked by sending exhaustive requests to
(IoT) are also known as the “Internet of Threats”.
Dyn’s data centres to jam the servers’ bandwidth,
endpoints and telecommunication equipment often ignore the basic principles of cybersecurity”.
Exploits of IoT brings disruption. At the
rendering them inaccessible. Ultimately, the failure of
Singapore International Cyber Week (18th- 20th
these servers to respond to legitimate requests shut
September, SunTec Singapore Convention &
down 80 websites, including Amazon and Google.
Exhibition Centre) and Internet of Things World
50 | Australian Security Magazine
A year later, a more sophisticated worm
Kaspersky Lab said “the manufacturers of IoT
These included: “devices are provided with preset passwords”, “network security configurations are weak” and “device software is not always