CyberX, the leading provider of cybersecurity solutions for the Industrial IoT (IIoT), announced it has revealed the first Internet of Things (IoT) worm which is aimed at CCTV devices. The malware marks a new level of IoT attacks, only days after another advanced attack on IoT devices was declared as “no longer a hypothetical attack” at DEF CON 2016. These discoveries come at a time when Internet-connected devices are growing at an exponential rate due to the proliferation of IoT platforms such as PTC’s ThingWorx and General Electric’s Predix, and the corresponding consequences of attacks are estimated to be hundreds of millions of dollaTOrs.
The malware was revealed as part of the research of a global cyber security campaign, dubbed RADIATION by the CyberX research team. The uniqueness of this campaign can be attributed to the targeting of IoT devices and the enhancement of an existing family of malware for that purpose. The malware infected organizations in multiple industries, with the highest number of victims residing in Taiwan, US and Israel. The RADIATION campaign is categorized as an IoT Distributed Denial of Service (DDoS) campaign. The discovery of RADIATION comes only days following a demonstration of another advanced IoT attack, which was referred to as the “first ransomware for IoT thermostats” in DEF CON 2016.
“This event is a cornerstone in the evolution of IoT security. These advanced threats are shaping before our very eyes, and should not be taken lightly,” said Omer Schneider, CEO & Co-Founder of CyberX. “RADIATION demonstrates the continuously evolving skillset of attackers. It is only the beginning of what we believe to be the dawn of IoT cyber campaigns,” said Nir Giller, CTO & Co-founder of CyberX. “Ranging from manipulation of infusion pumps to ransomware for IoT thermostats, IoT environments are becoming high value targets.”
The CyberX research team started investigating RADIATION following a notification which was generated by XSense, the CyberX flagship solution for Industrial IoT environments. The team also discovered that RADIATION was already utilized to inflict DDoS attacks. One of its victims include SKAT, the Danish Customs and Tax Administration. The complete RADIATION report can be found on the CyberX website.
