The Police NewsFBI - IC3
Cyber Actors Use Internet In Malicious Activities
Cyber actors actively search for and compromise vulnerable Internet of Things (IoT) devices for use as proxies or intermediaries for Internet requests to route malicious traffic for cyber-attacks and computer network exploitation. IoT devices, sometimes referred to as “smart” devices, are devices that communicate with the Internet to send or receive data. Examples of targeted IoT devices include: routers, wireless radios links, time clocks, audio/video streaming devices, Raspberry Pis, IP cameras, DVRs, satellite antenna equipment, smart garage door openers, and network attached storage devices.
IoT proxy servers are attractive to malicious cyber actors because they provide a layer of anonymity by transmitting all Internet requests through the victim device’s IP address. Devices in developed nations are particularly attractive targets because they allow access to many business websites that block traffic from suspicious or foreign IP addresses. Cyber actors use the compromised device’s IP address to engage in intrusion activities, making it difficult to filter regular traffic from malicious traffic.
Cyber actors are using compromised IoT devices as proxies to:
Cyber actors typically compromise devices with weak authentication, unpatched firmware or other software vulnerabilities, or employ brute force attacks on devices with default usernames and passwords.
Compromised devices may be difficult to detect but some potential indicators include:
Protection and Defense
For additional information on cyber threats to IoT devices, please refer to “Common Internet of Things Devices May Expose Consumers to Cyber Exploitation,” available at https://www.ic3.gov/media/2017/171017-1.aspx.
If you suspect your IoT device(s) may have been compromised, contact your local FBI office and/or file a complaint with the Internet Crime Complaint Center at www.ic3.gov.