The realm of cyber-attacks has advanced over the years, both with regard to the scope of the phenomenon and in terms of the technological abilities displayed by the attackers. One recently developing field in this realm is the use of terminal equipment, including communications equipment such as routers and IoT (Internet of Things) devices that are connected to the Internet but are not protected from breaches at a level customary for computers and cellular devices. This trend comes hand in hand with the growing use of IoT devices and the increasing connectivity of electronic devices (security cameras, gates, smart TVs, etc.) to the Internet, in order to improve the user experience through regular updates and remote control. Experts in this field estimate that there are over six billion IoT devices in use around the world, in addition to leading devices such as telephones, tablets, and computers, which are protected in one way or another against breaches.[1]
In this manner, the cyber world is integrating into the public, government, military, economic, and personal spheres, while significantly contributing to advancement and development in all areas of life. Such a comprehensive use of the cyber world, however, serves as a source for risks stemming from cyber-attacks; security risks such as information leaks or prevention of the use of various systems, as well as those related to criminal activity.
The Internet and advanced communications technologies have also become an important element for terrorist organizations, which use cyberspace for a wide range of mostly operational activities such as fundraising, recruitment, intelligence gathering, the dissemination of ideologies (such as radicalization and religious justifications) and information (such as reports on victories in the battlefield), as well as marketing. Although the use of cyberspace for offensive activities is not entirely absent from the field of terrorism, terrorist organizations have not yet demonstrated significant independent capabilities. Nevertheless, it should be taken into consideration that offensive cyber capabilities are likely to change significantly and immediately in any of the following scenarios: assistance from a terror-supporting state, the acquisition of knowledge or capabilities from international criminal elements offering their services for a fee on the darknet, or the recruitment of computer experts (hackers) with high professional capabilities.
Cyber-attacks carried out by terrorist organizations to date have been at the most basic level. These attacks, most of which exploit weaknesses in the attacked systems, also indicate the potential damage inherent in them, both in the context of intelligence exposure and with regard to the operation or disruption of terminal equipment. During 2016, a growing interest was detected on the part of terrorist and criminal elements in IoT devices and in attacks on those devices. Among the incidents worth noting are the following:
The aforementioned incidents may indicate the dangers inherent in attacks carried out using IoT devices, as well as the issues related to the phenomenon that must be dealt with:
The risks described above, the weaknesses that stem from them, and the possibilities that they open for potential attackers to utilize, serve as the basis of an offensive cyber-campaign. Said campaign could utilize IoT devices as a tool in the framework of a DDoS attack or as a means of disrupting the functioning of the device itself. It is worth emphasizing that a large-scale attack is liable to cause significant damage, such as the attack in Germany, in which the routers themselves were damaged. In the absence of an appropriate response, terrorist organizations are likely to use this product in order to increase the effectiveness, efficiency and scope of damage of a given attack.
Countries must establish security standards for IoT devices through regulation that imposes minimum standards on manufacturers and importers. Alongside the establishment of security and enforcement standards, the public also has a responsibility to select products that offer at least minimal security, with a preference for secure products. In addition, we must continue to promote the development of protective measures similar to those available on computers.
[1] http://spectrum.ieee.org/tech-talk/telecom/internet/popular-internet-of-things-forecast-of-50-billion-devices-by-2020-is-outdated
[2] http://www.timesofisrael.com/hezbollah-we-hacked-into-israeli-security-cameras/
[3] https://www.theguardian.com/technology/2016/oct/26/ddos-attack-dyn-mirai-botnet
[4] http://www.nytimes.com/2016/10/22/business/internet-problems-attack.html
[5] http://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-explained
[6] http://breaking100news.com/nz/technology/large-scale-cyberattack-leaves-many-disconnected-from-the-internet-in-germany/
[7] https://www.pentestpartners.com/blog/leaked-dvr-creds-added-to-the-iot-fail-list/