August 6, 2022

Killnet Hackers Can Use ‘Any Device’ To Attack Western Targets | United Kingdom | New

The group, which last month threatened to attack ventilators in British hospitals, has and can hijack everyday objects, from external hard drives to security cameras, and use them to create a virtual army of devices to carry out cyberattacks, Daniel dos Santos told express.co. UK. Mr. Santos is the Head of Security Research at Forescout Technologies – a cybersecurity firm.

Forescout researched the types of devices hackers typically use in an attack, the company found that the devices most likely to be hacked were much simpler than personal computers.

Mr. Santos said, “It’s more like IP cameras, home routers, network attached storage devices.”

Many Brits have these devices in their homes, and sometimes people don’t change the default passwords, making it easier for hackers to hijack devices to use in attacks.

He added: “So it is essentially this class of IoT devices that individuals or organizations tend to misconfigure in the way they are connected to the network. Often there is a default password and then they are exposed on the internet with that [default] the password.

“A lot of these devices get compromised and then they use them to attack the target. And because again, a DDoS attack is quite simple. So you don’t need a powerful computer, any small device can be used for this.

“And if you have, like an army of these devices, a botnet of these devices, then it’s very simple to [launch an attack].”

DDoS attacks use so-called “botnets” or armies of hacked devices to overwhelm a system and shut it down.

Botnets are groups of malware-infected devices that can be controlled by a single user to simultaneously attack a target.

Santos said that in order to help prevent these types of attacks, individuals and organizations should be careful to use hard-to-crack passwords and keep unnecessary devices off the internet.

He said: “It’s basic things like having strong enough passwords for devices that are exposed on the internet or not having them exposed on the internet in the first place if they shouldn’t be exposed.

“If you have, for example, an IP camera that’s supposed to be for the organization internally, it doesn’t need to be exposed on the internet.

READ MORE: Horror as photo of American fighters captured by Russian forces is released

Mr Santos warned that companies and governments should have “segmented networks” so that if a device is hacked, it cannot be used to attack other systems, including critical infrastructure.

He said Forescout deliberately left an open device connected to the Internet, otherwise known as “honeypot” traps, to lure Killnet hackers and collect IP addresses associated with the group.

He urged Western governments to share threat assessments with the “general public, private organizations and government organizations” to help prepare for and potentially thwart future attacks.

Killnet is known to attack Western infrastructure with DDoS attacks.

DO NOT MISS :
‘I have to accept!’ The Royals could be forced to create a new role for Andrew [REPORT]
Putin faces mutiny as Russian troops join Kyiv forces [LIVE]
Weed infestation blamed on BREXIT in staggering row [ANALYSIS]

Earlier this month, Killnet is suspected of having launched attacks against several Italian institutions, including the postal service, the Italian Ministry of Defense and the Italian Ministry of Foreign Affairs.

Mr Santos warned that attacks on critical infrastructure in the UK, including airports, could be possible, although more complex ransomware attacks on critical infrastructure are not Killnet’s current focus.

The pro-Russian group is loosely linked to the Russian government and although there is no evidence that the hacktivist group takes orders from the Kremlin, Mr Santos believes Putin’s government exercises some oversight.