NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Don’t Let Mirai Turn Your Devices into Zombies – Get Your FREE IoT Scanner!

December 19, 2016

  • Blog
  • Archive

RIoT

Intel and others estimate that, by 2020, 200 billion connected devices will comprise the Internet of Things (IoT). That’s a whole lot of things!

We tend to think of these things as smart devices, but in general they can be anything with connectivity to the internet and/or to each other. Amazon Go is just the latest technology innovation that uses the IoT concept to reimagine how we shop in brick and mortar stores. So what do no checkout lines have to do with the cyber dangers facing your corporate network? It’s all about connectivity.

Because IoT devices are connected to the wild, and to each other, not only are they vulnerable to attack, but the data that they produce and the applications that support them are also potential attack vectors.

DON'T BE THIS GUY!

IoT Scanner

It’s a jungle out there, get your FREE Retina IoT Scanner (RIoT) gear now! Download now

The Insecurity of Things

As IoT devices continue to proliferate, so too do the number of vulnerabilities they expose. At DEF CON, this year alone, nearly 50 new IoT vulnerabilities were uncovered, affecting devices from more than 20 manufacturers.

Making matters worse, most IoT devices, by design, follow the “set it and forget it” philosophy. And, as such, they typically lack any built-in security or mechanisms for programmatically making device-level changes.

Some common IoT insecurities include:

  • Lack of visibility into sanctioned and shadow IoT devices.
  • Weak configurations, such as default or common passwords, and unencrypted traffic.
  • Limited ability for users to update IoT device software, passwords, or settings.

Any of these scenarios can spell big trouble for an organization.

IoT Threats Are Evolving

Unfortunately for us, a new generation of distributed denial of service (DDoS) attacks has emerged, representing a significant threat to organizations and governments alike. The most notorious of these being the recent wide-scale DDoS attacks perpetrated by the Mirai Botnet.

Mirai malware continuously scans the internet for vulnerable IoT devices, uses a short dictionary to crack their default passwords, and then enslaves them as part of an IoT botnet attack. To date, Mirai has infected hundreds of thousands of IoT devices, and counting – with the vast majority unbeknownst to their owners.

The race has begun and the clock is ticking. Mirai wants your IoT devices. How can you protect yourself and others from becoming victims of these weaponized “things”?

Managing the Vulnerability of Things

With the , organizations now have the ability to reliably identify at-risk IoT devices, such as IP cameras, DVRs, printers, routers, and more. Powered by Retina, an award-winning vulnerability scanner trusted by thousands of organizations, and delivered via the simplicity of BeyondSaaS’ cloud-based interface, RIoT gives you an attacker’s view of your IoT devices and their associated vulnerabilities.

ss-rnss-riot.jpg

Stop Your IoT Devices from Going Rogue

Utilizing specific information, RIoT is able to pinpoint the make and model of a particular IoT device. From there, RIoT safely tests whether or not that device is using default or hard-coded credentials for Telnet, SSH, or Basic HTTP Authentication, which are the preferred attack vectors that botnets (most notably, Mirai) initially use to breach a system.

As a result, you’re able to quickly identify IoT related vulnerabilities, clearly understand their potential impact, and decisively act to mitigate threats. Simply specify a target IP or IP range, and RIoT handles the rest.

In the next few years the IoT ecosystem will swell to an estimated 200 billion things, add an additional 1 billion users, and increase its data production by a factor of 5. With a labor shortage of cybersecurity pros that’s seven figures and counting, more devices, more people, and more data equal more ways in for adversaries.

It’s a jungle out there, get your FREE Retina IoT Scanner (RIoT) gear now! Download now

Already a Retina Customer or Community Member? The new IoT audits were added in Audit Revision 3213, to the All Audits Group. For convenience, RNSS 6.0 consolidates these IoT checks into a new IoT Audit Group, which is available for download via the client portal.

For more, contact us today!

Photograph of Scott Lang

Scott Lang, Sr. Director, Product Marketing at BeyondTrust

Scott Lang has nearly 20 years of experience in technology product marketing, currently guiding the product marketing strategy for BeyondTrust’s privileged account management solutions and vulnerability management solutions. Prior to joining BeyondTrust, Scott was director of security solution marketing at Dell, formerly Quest Software, where he was responsible for global security campaigns, product marketing for identity and access management and Windows server management.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.