TMCnet News
Akamai Threat Research Team Identifies New Abuses Of OpenSSH VulnerabilityCAMBRIDGE, Mass., Oct. 12, 2016 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in content delivery network (CDN) services, today published new research from the company's Threat Research team. Akamai researchers Ory Segal and Ezra Caltum have identified a recent spate of attacks whereby attackers are using Internet of Things (IoT) devices to remotely generate attack traffic by using a 12-year old vulnerability in OpenSSH, which we are calling SSHowDowN Proxy. A full report detailing the attacks is available for download here http://akamai.me/2dTsrg8. Overview It is important to note that the research and subsequent advisory do not introduce a new type of vulnerability or attack technique, but rather a continued weakness in many default configurations of Internet-connected devices. These devices are now actively being exploited in mass-scale attack campaigns against Akamai customers. The Threat Research Team has observed SSHowDowN Proxy attacks originating from the following types of devices:
Compromised devices are being used for:
Once malicious users access the web administration console, they have been able to compromise the device's data and, in some cases, fully take over the machine. "We're entering a very interesting time when it comes to DDoS and other web attacks; 'The Internet of Unpatchable Things' so to speak," explained Ory Segal, senior director, Threat Research, Akamai. "New devices are being shipped from the factory not only with this vulnerability exposed, but also without any effective way to fix it. We've been hearing for years that it was theoretically possible for IoT devices to attack. That, unfortunately, has now become the reality." Mitigation Some recommended approaches to mitigation include:
If the device is behind a firewall, consider doing one or more of the following:
Akamai continues to monitor and analyze data related to this ongoing IoT threat. To learn more, please download a complimentary copy of the research white paper at http://akamai.me/2dTsrg8. About Akamai
Logo - http://photos.prnewswire.com/prnh/20100225/AKAMAILOGO To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/akamai-threat-research-team-identifies-new-abuses-of-openssh-vulnerability-300343049.html SOURCE Akamai Technologies, Inc. |