On Cybercriminals Leveraging Smart Building Access Systems to Launch DDoS Attacks

Linear eMerge E3 devices that are part of access control systems for smart buildings have been found to contain serious vulnerabilities that cybercriminals can use to launch DDoS attacks, according to security researchers at Applied Risk.

3 Expert Comments
Javvad Malik, Security Awareness Advocate
InfoSec Expert
February 4, 2020 11:38 am

Unpatched software is the second most common vector used to compromise systems after phishing. IoT devices in particular are notorious for either having weak default settings that can be exploited, or having poor mechanisms to allow updates and patches to be deployed in a timely manner.

Additionally, many IoT systems are not monitored with the same rigour as traditional IT systems, so it can be easier for a compromised device to be used for much longer by a criminal without it being detected.

Much like the original Mirai takeover of IoT cameras, this tactic can allow criminals to recruit many hundreds, if not thousands, of devices into a botnet relatively quickly and be used to launch extremely effective DDoS attacks.

IoT manufacturers have their part to play in ensuring devices are secured upon shipping and can be quickly and easily patched when a vulnerability is discovered. Organisations should also ensure any IoT or smart devices are secured and protected in the same way as other IT systems are so that any threats can be quickly detected and responded to.

Marc Gaffan, CEO
InfoSec Expert
February 4, 2020 11:34 am

The number of IoT devices worldwide is growing exponentially – estimated to be over 75 billion by 2025. As these devices continue to make their way into our everyday lives, attackers naturally are finding ways to exploit them. Attackers always look for the easiest way to establish their foothold – which happens to be these vulnerable access control systems. Vulnerabilities in hardware devices such as these are a common "low hanging fruit" for attackers. In fact, we must not forget that endpoints (laptops/desktops) are one of the most commonly targeted devices by attackers – 70% of breaches start on the endpoint. We advise organizations to inventory and assess the security of all of the connected devices being used – everything from access card systems & connected security cameras to traditional connected devices like endpoints and network access control systems.

Bob Noel, VP of Strategic Partnerships
InfoSec Expert
February 4, 2020 11:32 am

When end devices (IoT or other) have an IP address and are attached to the corporate network, they introduce new threat surfaces. It is imperative that network and security teams know every device that is attached to the network, and monitor all traffic to and from them so those end devices can be provisioned, monitored, and secured properly. The only way to do this properly is to deploy and correlate network traffic analysis with end device visibility/asset management tools.
