News

DNS attacks endanger millions of IoT devices

Researchers found that IoT devices are vulnerable to DNS re-binding. Despite the fact that the solution for counteracting such attacks was invented in the last decade, millions of IoT devices remain at risk.

The Internet of things is threatened not only by new inventions of cybercriminals, but also by methods already tested by time. Among them are DNS attacks, in particular, DNS re-binding (better known as DNS rebinding).

This opinion expressed Craig Young, head of Tripwire’s cybersecurity research department.

Read also: C&C server of the new version of Mirai hides in the Tor-network

DNS re-binding actually turns victim’s browser into a proxy for attacking private networks with connected IoT devices.

“In recent years, I have discovered millions of vulnerabilities in such devices”, – said Craig Young.

According to him, this is partly due to the fact that the Internet of things often uses http protocols, which are especially vulnerable to DNS re-binding. In the future, the consequences of this vulnerability may be significant: re-binding opens new doors for botnets.

Craig Young
Craig Young

DNS re-binding actually turns the victim’s browser into a proxy for attacking private networks with connected IoT devices.

“This is a fairly old type of attack that has been actively used by attackers for more than a decade. The problem is that information security experts seem to ignore DNS attacks, not considering them a real threat, but in the future someone might want to create a botnet that will have so many goals because of the popularity of the Internet of things”, – complements Chris Young.

During his research, Chris Young found that devices such as the Google Home smart speaker, Sonos speaker, and Belkin Wemo smart socket are vulnerable to DNS attacks. The last two devices use the SOAP Web Services Access Protocol standard.

If desired, an attacker using DNS re-binding can steal data from the device, disconnect, restart it, block it or force it to play false content.

Chris Young suggests using network segmentation, NoScript extensions and ad blockers as a solution to the problem.

William Reddy

I am from Ireland. My parents bought me a computer when I was 11, and several month after I have got a virus on this PC. I decided to enter the INSA Centre Val de Loire university after being graduated from the school. This French educational institution was offering a brand-new cybersecurity course. After getting the master degree in cybersecurity, I've started working in as virus analyst in a little anti-malware vendor. In 2018, I've decided to start Virus Removal project. The main target of this site is to help people to deal with PC viruses of any kind.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sending

Back to top button