Over the past two years, we have witnessed how brute-forcing factory-default usernames and passwords has become a successful strategy for Internet of Things (IoT) botnet propagation. Currently, these botnets employ the shotgun approach to propagation – pick a target at random and keep trying until the list is exhausted or the attack is successful. Despite this rudimentary infection vector, these botnets have facilitated the largest volumetric Denial of Service attack seen so far. In a joint effort with EZK, DTC and Abuse Information Exchange, TU Delft has launched a project to monitor IoT devices that are already on the Dutch market and are currently being exploited by criminals. The monitor captures infection data, which is not only a critical success factor for mitigating the threat but also an incentive to improve security. By increasing transparency in the sector, we reduce information asymmetry and strengthen the security incentives.


time: 14:00

Other sessions:

A Sustainable Digital Economy

The economic impact of DDoS attacks on NL sector

Malpedia – Code Cartographer’s Diary

Modern Pentest Tricks

Constraints for Code: an Economic Analysis of Policies for Secure Digital Products

Let’s Update the Way we Do Updates