https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

From the Industry


Sponsor Content

image

Why IoT Is the New Threat Frontier

  • March 9, 2017
Phishing and ransomware have recently garnered the lion’s share of attention from the media and security professionals, but the latest twist in cyber threats promises to present additional challenges for MSPs. Read how the Internet of Things (IoT) is becoming the new threat frontier.

Phishing and ransomware have recently garnered the lion’s share of attention from the media and security professionals, but the latest twist in cyber threats promises to present additional challenges for MSPs who are committed to comprehensively protecting their clients.

In an insightful podcast hosted by IT channel expert Pedro Pereira, Webroot senior threat research analyst Tyler Moffitt was asked to discuss what he considers the most surprising development in 2016’s threat landscape: “Usually I would say something along the lines of ransomware, phishing, malvertising,” Moffitt replies. “But the Mirai source code being released on the Internet of Things is absolutely huge. This is the new frontier…you have to worry about everything.”

As Moffitt explains, “Your IP cameras, your routers, your DVRs can all be used against you.” Unfortunately, this new focus on the Internet of Things (IoT) is just the latest chapter in the evolution of cybercrime targets, expanding from desktop computers, servers, and laptops into the BYOD universe of smartphones and tablets—and, more recently, IoT.

Moffitt goes on to detail just how easy it is for the bad guys to gain access to IoT devices, using routers as an example: “Those of us familiar with routers and how you initially buy and set them up know that you have to log into them through the IP address. Usually you have a default username and password that’s given to you, like ‘admin’ for the username and ‘user’ for the password.

“It’s generic,” he continues, “and it’s there so that when you log in, you can set it up, create your WiFi password, and then hopefully change the password to the actual web router firmware. That’s what you’re supposed to do, anyway, not leave it at default. It turns out that tens of millions of people aren’t doing that; they’re leaving it at default.”

This kind of basic human error—all too common among consumers and businesses alike—makes it easy for threats like Mirai to wreak havoc on unsuspecting companies. According to Moffitt, the tactics Mirai employs are surprisingly simple. “Mirai is this little tiny botnet that scans TelNet, a subset of the internet. Everything using TCP/IP protocol—they’re all on TelNet.

“What Mirai does is scan TelNet for all these devices,” Moffitt points out. “It only has around 60 or 70 banked default usernames and passwords, and it just brute-force tries to log into these devices using the default list. [The list is] compiled from all the default usernames and passwords from all the vendors. You’d be surprised how many devices Mirai is able to log into.”

A well-known example of Mirai’s destructive power is the October 2016 attack on Dyn, which resulted in a temporary shutdown of Twitter and Netflix. Tens of millions of IoT devices were hacked by Mirai and used for a distributed denial-of-service (DDoS) attack. As a result, the perpetrators were able to harness over a terabyte per second of bandwidth to launch a DDoS on these sites.

Moffitt recalls, “Usually [DDoS attacks] are used with computers, but in this case it was with people’s IP cameras, routers and DVRs. The scary thing is that when these are hacked and turned into a botnet, you don’t really have any idea because they still function as intended. Your router will still send you internet to all the IP addresses you have. Your DVR will still function, no problem, and so will your IP camera.”

A recent attack in Germany shut down 900,000 routers, necessitating that a new patch be released in order to protect the routers that had been given out. Moffitt sighs, “It’s definitely something to worry about. We’re only going to see it grow from here.”

For MSPs, the lesson is clear: your watchfulness must extend beyond your clients’ obvious hardware vulnerabilities (servers, desktops, laptops, smartphones, etc.) to seemingly innocuous IoT devices, like routers, cameras, DVRs, and the like. Protecting your customers from cybercriminals is an ongoing battle, and the fact of the matter is that the battlefield is constantly shifting. Stay vigilant, MSPs.

Download the 2017 Webroot Threat Report to stay up-to-date on the threat landscape.

This guest blog is part of a Channel Futures sponsorship.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs From the Industry Strategy Webroot Sponsor Content

Related


  • Security shield on digital background
    Lockdown Lessons: Securing Your Business First
    When you consider modern attacks, it’s pretty obvious that all businesses—managed service providers (MSPs), small- to medium-sized businesses (SMBs), etc.—need a strong lineup of cyber-defense tools, not just a barebones firewall and old-fashioned antivirus. You need to protect your business first, and to do that, you have to build out a strong cybersecurity stack that […]
  • Why IoT Is the New Threat Frontier
    Lockdown Lessons: Shoring up Your Network and Security Policies
    Ultimately, every business wants to do what they can to best serve their clients and customers. They also want to grow successfully, increase profits and create lasting relationships for long-term recurring revenue. But in today’s, if you don’t have a good security setup, the chances you’ll get breached get higher every day. That means all […]
  • Making Money with Security Awareness Training
    The volume and sophistication of cyberattacks that target your clients have skyrocketed in the past few years. And, in addition to the advancements in threat trends, your clients’ cyber resilience needs have also changed. The majority of your clients know their employees are on the front lines of their cybersecurity defenses. They also understand that […]
  • Cybersecurity
    Selling Layered Cybersecurity
    For MSPs, relationships are key. Your clients expect a high level of quality in the services they receive, and they place a great deal of importance on the individual working relationship. Clients want to be served by MSPs who understand their needs on a personal level. By the same token, it’s equally important for MSPs […]

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Implementing a Layered Cybersecurity Strategy
  • 16 Questions to Ask Clients in a Vulnerability Assessment
  • How to Mitigate the Risk of Social Engineering and BEC Attacks
  • Lockdown Lessons: Closing Security Gaps

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis

January 19, 2021

Cloud-Based CRM: What SMBs Need to Know about Backup and Recovery

January 19, 2021

Cybersecurity: What to Expect in 2021

January 19, 2021

Webinars

View all

Blueprint for a Scalable MSSP Practice in 2021

January 21, 2021

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@Carbonite Migrate uses real-time replication to move workloads to #cloud with minimal risk and near-zero downtime… twitter.com/i/web/status/1…

January 20, 2021
ChannelFutures

Backup and recovery is essential for #cloud-based CRMs @ConnectWise #SaaS #dataprotection #cloudbackup #databackup… twitter.com/i/web/status/1…

January 19, 2021
ChannelFutures

You an #MSSP looking to avoid a #SolarWinds-type breach? @Asigra, @Barracuda, @CynetSystems give advice. Don’t blam… twitter.com/i/web/status/1…

January 19, 2021
ChannelFutures

What to expect in 2021 @Webroot #cybersecurity #MSP #remoteworkforce #remoteworking #Carbonite… twitter.com/i/web/status/1…

January 19, 2021
ChannelFutures

From #itautomation to #workfromhome, a look at 2021 trends from @BitTitan. dlvr.it/RqwFZg https://t.co/EkCeJVNAPo

January 19, 2021
ChannelFutures

Are you helping your clients with #cloudgovernance? Now is the time. @CloudSphereAI @fortanix @MontyCloudInc… twitter.com/i/web/status/1…

January 19, 2021
ChannelFutures

.@StratusAwaysOn announces new #partnerprogram for VARs. #edgecomputing dlvr.it/Rqvrxf https://t.co/vcLw8e4Ob6

January 19, 2021
ChannelFutures

bit.ly/3bSd4nD twitter.com/DigiRobot/stat…

January 19, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X