Electronics manufacturer Panasonic recently described how it boosted its Internet of Things security by connecting them to internet honeypots. The company stated that it’s using two specially developed honeypot sites to lure cybercriminals into attacking its connected home appliances like fridges and other kitchen products and watch how they attempt to attack them.
What are Internet Honeypots?
A honeypot is a decoy program designed to look like a legitimate system to trap intruders who are trying to attack the system. During the process, the attackers are being stealthily observed, without the intruder’s knowledge.
However, honeypots are considered controversial. Several security pros define it as unfair entrapment tools while others see it as a useful data gathering and preventive mechanism.
Security officials at Panasonic stated that they have been using this technique to understand the IoT threat landscape and how to counter them.
In a recent presentation at Black Hat Europe in London, security researchers from Panasonic, Hikohiro Y Lin and Yuki Osawa, detailed that how they’re executing honeypots.
“We have developed a system where information is collected through the honeypot is sent to a Sandbox for automated analysis, to address our concern for having a limited number of security experts. What this system allows Panasonic to do is collect “malware targeting/exploiting Panasonic IoT devices” for quicker remediation, in addition to “popular malware” targeting a wide-range of IoT devices,” the researchers stated in a post.
Panasonic stated that it has been able to find around 179 million attack cases and nearly 25,000 malware samples, of which 4,800 were targeting IoT.
IoT devices often cake a large slice from the cake when it comes to targetted attacks. In fact, for several cybercriminals, IoT devices are the primary target. A research named Internet of Things in Underground Communities by Trend Micro detailed the rising trend for IoT attacks. It explained how online intruders exploit vulnerabilities in connected devices
According to the research, the Russian and Portuguese-speaking forums are more prominent in financially driven attacks than other cybercriminal markets. It’s said that one of the main activities of these forums are selling access to compromised devices such as webcams, routers, and printers. In order to mitigate cyber risks from the design phase itself, the researchers at Trend Micro urged the IoT manufacturers to partner with security experts.