Over the past two years, we have witnessed how brute-force factory default usernames and passwords has become a successful strategty for Internet of Things (IoT) botnet propagation. Currently, these botnets employ the shotgun approach to propagation – pick a target at random and keep trying until the list is exhausted, or the attack is successful. Despite this rudimentary infection vector, these botnets have facilitated the largest volumetric Denial of Service attack seen so far. In a joint project with EZK, DTC and Abuse Information Exchange, TU Delft has launched a project to monitor IoT devices that already in the Dutch market and currently being exploited by criminals. The monitor captures infection data which is not only a critical success factor for mitigating the threat, it is also as incentive to improve security. By increasing transparency in the sector, we reduce information asymmetry and strengthen the security incentives.


time: 14:00

Other sessions:

Disrupting Financial Cybercrime

Enhance Encrypted Network Takedown Operations

Malpedia – Code Cartographer’s Diary

Modern Pentest Tricks