In response to the news that over 200,000 MikroTik routers have been hit by a Coinhive cryptojacking campaign, an expert with Corero Network Security offers thoughts.
Sean Newman, Director Product Management at Corero Network Security:
“In this case, the routers were exploited to deliver a crypto-mining payload, but the same approach could have just as easily leveraged them for other objectives, including data exfiltration or DDoS attacks. From a DDoS perspective, the scale of processing power available in such devices could easily be leveraged for a single attack which could extend to tens of terabits per second, or many smaller attacks if they were used as part of a DDoS-for-hire service.
The challenge of unpatched devices is a hard one for the equipment vendors to solve, especially as, in many cases, they don’t actually know who the end-users are, so cannot reach out to them directly and notify them of critical software updates. This evolving pool of Internet-connected devices, easily exploited by cybercriminals, is a key reason why organizations need to ensure they are deploying the latest cyber-security defences, whether that’s detecting crypto-jacking within their network or being able to defend from crippling DDoS attacks, in real-time.”
The opinions expressed in this article belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.