University Hackers Attacked 5,000 IoT Devices on Campus

Ahead of its soon-to-be-published 2017 Data Breach Digest report, Verizon has released a sneak peek highlighting one of 16 new cybercrime case studies on new forms of threats capable of halting business operations. The preview focuses on an unnamed university that within the last year experienced a major hack into its network through more than 5,000 connected devices on campus.

In the case of “the botnet barrage,” as the case study dubbed the attack, senior members of the university’s IT staff had received complaints of slow and inaccessible network connectivity on campus. Upon examination, the incident commander found that name servers “were producing high-volume alerts and showed an abnormal number of sub-domains related to seafood,” according to the preview. The incident inspector contacted Verizon’s RISK Team, which conducted a firewall analysis that “identified more than 5,000 discrete systems making hundreds of DNS lookups every 15 minutes.”

“Of these, nearly all systems were found to be living on the segment of the network dedicated to our IT infrastructure,” the incident commander said in the preview. “This was a mess. Short of replacing every soda machine and lamp post, I was at a loss for how to remediate the situation. We had known repeatable processes and procedures for replacing infrastructure and application servers, but nothing for an IoT outbreak.”

The analysis uncovered that “the botnet spread from device to device by brute forcing default and weak passwords.” To regain control of its devices, the university used a full packet capture device to intercept the password for a compromised IoT device over the wire, and then used that to perform a password change before the next malware update took place.
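The firewall analysis described above, counting DNS lookups per system in 15-minute windows, can be sketched as follows. This is an added example, not code from Verizon or the university: the log format, the addresses and names in the sample, and the threshold of 100 lookups are all assumptions.

```python
from collections import defaultdict
from datetime import datetime

LOOKUP_THRESHOLD = 100  # assumed cut-off for "hundreds" of lookups per window

def build_sample_log():
    """Constructed sample lines in an assumed 'timestamp client qname' format."""
    lines = []
    for i in range(240):  # one device, 240 lookups between 10:00 and 10:12
        ts = f"2017-02-01T10:{i // 20:02d}:{(i % 20) * 3:02d}"
        lines.append(f"{ts} 10.20.0.15 host{i}.seafood.example")
    for i in range(12):   # ordinary client, one lookup every five minutes
        lines.append(f"2017-02-01T10:{i * 5:02d}:00 10.30.0.7 www.campus.example")
    lines.append("truncated-line-without-fields")  # malformed, must be skipped
    return lines

def window_start(when):
    """Round a timestamp down to the start of its 15-minute window."""
    return when.replace(minute=when.minute - when.minute % 15, second=0, microsecond=0)

def flag_noisy_clients(lines, threshold=LOOKUP_THRESHOLD):
    """Return (client, window) records whose lookup count meets the threshold."""
    names = defaultdict(list)
    for line in lines:
        try:
            ts, client, qname = line.split()
            when = datetime.fromisoformat(ts)
        except ValueError:
            continue  # wrong field count or unparsable timestamp
        names[(client, window_start(when))].append(qname.lower().rstrip("."))
    flagged = [
        {"client": c, "window_start": w, "lookups": len(q), "distinct_names": len(set(q))}
        for (c, w), q in names.items() if len(q) >= threshold
    ]
    return sorted(flagged, key=lambda r: r["lookups"], reverse=True)

if __name__ == "__main__":
    for record in flag_noisy_clients(build_sample_log()):
        print(record)
```

A high count of distinct names under one parent domain, alongside the raw lookup volume, is what separates this pattern from a client that simply retries the same name.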

Laurance Dine, managing principal of investigative response at Verizon, told ZDNet that distributed denial-of-service (DDoS) attacks by IoT botnets are going to remain a huge threat until both the manufacturers and organizations that deploy them figure out how to secure them.

“There’s going to be endless amounts of technology out there that the people are going to easily be able to get access to. DDoS is going to continue to be a big problem until we figure out how to create diversions,” she said.

About the Author

Sri Ravipati is Web producer for THE Journal and Campus Technology.
