There seems to be a general lack of awareness in small-to medium-sized companies when it comes to securing their IoT devices. The potential issues usually begin when they are configuring smart connected devices. Owners and employees see these devices for their primary function, like video conferencing, surveillance cameras or connected thermostats. What they don’t consider are the other risks connected devices pose, and how easily they can become infected. Case in point; researchers recently discovered a trio of IoT botnets based on Mirai that exploit Polycom video conferencing systems. The challenge is to inform and educate SMB owners about this. The opportunity for IoT security solution providers in this regard is massive.
Companies have been adding internet of things (IoT) devices to their networks over the past few years, often increasing their exposure on the internet. This has led to a rise in botnets that specialize in exploiting insecure configurations and vulnerabilities to take control of network-attached storage boxes, surveillance cameras, digital video records and more recently, video conferencing systems.
In August, researchers from IoT security startup WootCloud discovered a botnet dubbed OMNI that was infecting business video conferencing systems made by Polycom. Since then, the company has seen three additional botnets targeting the same type of systems in addition to other Linux-based embedded devices.