TTPwire Vol. 1 · MITRE ATT&CK·Tagged

← All stories

F5 Labs

The Hunt for IoT: The Growth and Evolution of Thingbots Ensures Chaos

2018-03-13 · Read original ↗

ATT&CK techniques detected

4 predictions
T1584.005Botnet
73%
"it infrastructure. regardless of when the easy pickings end, the volume of telnet brute force attacks launched between july 1 and december 31, 2017, maintained levels equivalent to what we saw before and after mirai. in context, the telnet attacks we have been reporting on have b…"
T1584.005Botnet
66%
"these protocols were created for isps to manage their routers deployed at customer homes and were exploited by the annie thingbot, causing widespread outages for customers of the german isp deutsche telekom and ireland ’ s eircom. * annie is one of five ( annie, persirai, satori,…"
T1584.005Botnet
59%
"networks that were top threat actor networks in prior reports. behind china in total attack volume was the u. s., followed by russia. - we have consistently seen the same attacking ip addresses and networks over the span of our two - year research, proving that this abusive traff…"
T1584.005Botnet
42%
"and there are consistent top threat actors over time — perhaps using favored networks. networks that allow attackers to do whatever they want with little to no involvement ( bulletproof hosting providers ) or have limited ability to detect and respond to abuse ( residential iot d…"

Summary

IoT attacks show no signs of decreasing while infected IoT devices go un-remediated, and discovery of new thingbots is at a decade-long high.