COM³ Partners Help Make Internet of Things Safer
The 2021 Internet Measurement Conference (IMC) is a three-day event focusing on Internet measurement and analysis. COM³ partners at Aalborg University, Shreyas Srinivasa, Jens Myrup Pedersen and Emmanouil Vasilomanolakis, presented their paper, “Open for hire: attack trends and misconfiguration pitfalls of IoT devices”.
As the number of Internet of Thing (IoT) devices increases every year, so does the risk of cyberattacks. In their paper, COM³ partners at Aalborg University find out that up to 1.8 million IoT devices are misconfigured and vulnerable. These may be exploited to perform large-scale attacks.
Researchers got these results by deploying honeypots, meaning deception-based systems that act as decoy systems to trap attackers. Honeypots emulate the services offered by a real system and try to lure the attackers to believe that it's a vulnerable system. Any access to the honeypot system can be considered as an attack as there is no real reason to access them. All the access attempts are logged by the honeypots that provide information about the attacker and the exploit.
In many cases, attackers did not need to deploy sophisticated strategies, but rather exploit misconfigured devices (e.g. unauthenticated protocol settings or weak/default passwords).
You can learn more and read the full article, following this link: https://www.researchgate.net/publication/355117101_Open_for_hire_attack_trends_and_misconfiguration_pitfalls_of_IoT_devices
You can also get your mobile-based honeypot and download HosTaGe: