Microsoft detects 1,400 cyber attacks on IoT systems

Microsoft warned that the group of ‘hackers’ Strontium, related to the Russian government, attacked several models of Internet of Things (IoT) devices that have been implicated in a total of 1,400 cybersecurity alerts worldwide against states, NGOs and political organizations.

The US company discovered that cyber attacks by the Russian group have been carried out by exploiting security flaws in three IoT devices, including an IP Voice Phone (VOIP), an office printer and a video decoder.

Last April the Microsoft security research team detected an infrastructure belonging to Strontium on several external devices. This group has been associated with Russian military intelligence services, for which it performs cyber espionage.

Now, the Microsoft security response center group has revealed that the Russian cybercriminal group was trying to access corporate networks and has been responsible for 1,400 cybersecurity alerts worldwide against states, NGOs and political organizations.

In two of the three cases, the passwords that were factory set had not been changed on the devices. In the third case, the device did not have the latest security update and the attackers took advantage of that vulnerability.

Once they managed to access these devices, they moved through the private network of organizations from one device to another, tracking the content and trying to access other systems with higher value data.

The Microsoft researchers concluded that Stronium was behind the attacks but they could not determine what the final objectives of the group were, since they detected its intervention in its initial phases.

K . Tovar

Source: La Voz