Over the past two years, we have witnessed how brute-force factory default usernames and passwords has become a successful strategty for Internet of Things (IoT) botnet propagation. Currently, these botnets employ the shotgun approach to propagation – pick a target at random and keep trying until the list is exhausted, or the attack is successful. Despite this rudimentary infection vector, these botnets have facilitated the largest volumetric Denial of Service attack seen so far. In a joint project with EZK, DTC and Abuse Information Exchange, TU Delft has launched a project to monitor IoT devices that already in the Dutch market and currently being exploited by criminals. The monitor captures infection data which is not only a critical success factor for mitigating the threat, it is also as incentive to improve security. By increasing transparency in the sector, we reduce information asymmetry and strengthen the security incentives.

Details

time: 14:00
speakers:

Other sessions:

A Sustainable Digital Economy


Digital disease: clinical simulations of hacked devices


Malpedia – Code Cartographer’s Diary


The Dutch Response to a Cyber Incident


Behind the Scenes of Recent Botnet Takedown Operations


Enhance Encrypted Network Takedown Operations