We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Intelligent Machines

The Hackers’ New Weapons: Routers and Printers

Criminals are hijacking home and office routers and printers to help them overwhelm websites with traffic.

More and more devices are being connected to the Internet, and many of those are rarely updated to patch security vulnerabilities.

Attacks that take down websites by flooding them with traffic have been popular among computer criminals for years. Traditionally, such assaults are launched using PCs infected with malware. But two security companies say they have seen the emergence of a worrying new tactic: home routers, Internet-connected printers, and even webcams being used to knock targeted sites offline.

In a report released last week, Chinese security company NSFocus said that it had seen a significant increase in the use of networked home and office devices in so-called denial-of-service attacks. NSFocus get its data from hardware it sells to companies to defend against denial-of-service attacks. Its customers include the giant Chinese social networking company Tencent.

In December 2014, one of the largest denial-of-service attacks to date took down the online gaming services of Microsoft and Sony for several days. NSFocus researchers say their data indicates that 30 percent of the devices flooding the sites under attack were networked devices, mostly home and office routers. The attackers took control of the routers using malware that looked for devices with default passwords.

NSFocus also recorded an increase in a technique that can trick devices such as routers and printers into participating in a denial-of-service attack without having to compromise them with malware. Such attacks work by exploiting a communication protocol called SSDP, which many devices use to check in with the company that owns or operates them. The protocol is designed in a way that makes it possible to ask a device to send information to a different server. That feature can be used to stage a denial-of-service attack by directing many devices to repeatedly send information to a server running a particular website.

Rishi Agrawal, chief evangelist at NSFocus, says that the tactic is likely to become more common. Staging attacks that way can be easier to use than controlling compromised computers, and the supply of home and office devices that could be used is large and is likely to grow, he says.

When NSFocus researchers spent two days scanning the Internet for vulnerable hardware, they found seven million devices that could be used in the same way as the ones that helped bring down Microsoft and Sony.

Agrawal says techniques exist for filtering out attacks that use SSDP but they’re not widely used. He adds that attackers will also likely find other methods to use connected devices in denial-of-service attacks.

Mikko Hypponen, chief research officer of F-Secure, a security company based in Finland, highlighted the December attacks in a briefing with reporters Wednesday about recent trends in online security. They represent the first real evidence that criminals have found a profitable reason to hijack so-called “Internet of things” devices, a possibility people have warned about for years, he said.

So far criminals have had little incentive to compromise such devices at scale. But Hypponen thinks Internet of things gadgets such as TVs, thermostats, and cars could become a target of ransomware, which holds data hostage using encryption and is a huge problem on PCs (see “Holding Data Hostage: The Perfect Internet Crime”).

A form of ransomware that infects certain Internet-connected LG TVs has been found, but the technique hasn’t spread more widely yet. “An attack is only a good attack if it makes money,” said Hypponen.

Be the leader your company needs. Implement ethical AI.
Join us at EmTech Digital 2019.

Register now
More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe to Insider Basic.
  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Print Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.