Zero-day network vulnerabilities affect IoT devices

Recent studies conducted by cybersecurity experts at Akamai have uncovered highly sophisticated cyberattacks targeting IoT devices, including routers and security cameras. Researchers have identified two serious zero-day vulnerabilities that are already being exploited by attackers to embed these devices within networks of zombie machines, commonly known as botnets.

The persistent threat of Mirai and botnets

Botnets such as Mirai, famous in the field of cybersecurity, serve as platforms for illicit online activities using an infrastructure of compromised devices. These are configured through the spread of malware that exploits vulnerabilities such as those recently discovered and can carry out DDoS attacks or other malicious operations in a distributed and difficult to detect manner.

Attack methods and security guidelines

Unauthorized access to devices occurs through the use of default credentials, which should make it easier to protect against such threats by simply changing them. However, numerous investigations highlight the tendency of users not to replace the passwords set by the manufacturer, thus maintaining an inadequate level of security.

Manufacturers' response and user behavior

In more detail, the reported vulnerabilities mainly concern devices used in the hotel sector by a well-known Japanese brand, mainly powerline models. While corrective patches are being developed, their effectiveness remains dependent on user adoption, who are often reluctant or unaware of the need to regularly update their devices to maintain security.