A couple of weeks ago we reported that business executives were holding back on purchasing IoT devices due to a lack of confidence in security. Now, validating those concerns, the FBI has issued an alert to the potential for exploitation of IoT devices for cybercrime activity. The warning spotlights various types of attacks including spam emails, click-fraud, credential stuffing, and selling or leasing IoT botnets.
“Devices in developed nations are particularly attractive targets because they allow access to many business websites that block traffic from suspicious or foreign IP addresses. Cyber actors use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic,” the alert explained.
According to Tech Republic, many IoT devices are shipped with poor security. This could mean easily guessed factory-default usernames and passwords, or even the lack of an authentication process altogether. Often, when security vulnerabilities are discovered, the maker of the device will release a firmware patch to download – but the issue is that many users neglect to download these patches. One weak link in a heavily interconnected IoT network can open access to highly sensitive information.
Get the full story on Tech Republic.