Russian hackers are exploiting security vulnerabilities in common Internet of Things devices to infiltrate corporate networks, according to Microsoft.

The number of IoT devices online today is greater than the number of personal computers and mobile phones combined, but IoT security is often an afterthought, with 15% of users not changing the default password on their IoT devices. This has left many devices vulnerable to hackers.

In a blog post, the Microsoft Threat Intelligence Center warned that many devices are connected to the internet with “little management or oversight”, but this can pose a threat to businesses.

It explained that Russian cyber espionage Strontium, also known as Fancy Bear, is behind a new corporate networks attack, which occurred earlier this year. The group is thought to be responsible for several high-profile cyberattacks, including hacking into the emails of Democratic National Committee members, and the NotPetya attacks in 2017. The group has now turned its attentions to common IoT devices such as printers and voice over IP phones.

Printers, VoIP phones and beyond: The risks of IoT security

In April, security researchers in the Microsoft Threat Intelligence Center discovered that someone had gained access to corporate networks via a VoIP phone, office printer and a video decoder in multiple locations. The attacker was able to gain access to these devices either because the default password had not been changed, or because the security had not been updated.

Once bad actors had got into the network, they were then able to gain further access through “higher-privileged accounts”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Therefore, Microsoft is calling for closer monitoring of IoT devices within a network, especially organisations that have a “bring your own device” policy. With attackers able to exploit the simpler configurations or poor IoT security, both manufacturers and businesses must look at new ways to protect devices.

Michele Mabilia, head of product marketing at Kyocera Document Solutions UK believes that organisations must ensure that every internet-connected device is adequately protected:

“The attack raised an issue that deserved to be pointed out. With the increasing influence of the cloud, IoT and other digital transformation technologies, businesses tend to focus on the opportunity these technologies represent. Instead, they should be making sure that every cloud-enabled, mobile and smart device – including their IP-connected print device – is protected against both malicious cyberattack and accidental data loss.

“It goes without saying that setting a strong password and making sure you install the latest update for your security tools are the basics of cybersecurity. The best defences for a secure network are composed of multiple barriers.”

He believes that although default settings offer insufficient protection, solutions are available to improve IoT security:

“When it comes to printers, default settings are insufficient to prevent the growing number of threats to data and network security. However, there are solutions that make it quick and easy to identify and address vulnerabilities. They can identify open ports, alert the users of any unusual activity and generate diagnostic report on demand.

“As the saying goes: “better be safe than sorry”, so the earlier vulnerabilities are identified, the more chances you’ll have to mitigate the threats,” he concluded.