F-Secure Attack Landscape H2 2019

2019 wrapped up with high-impact ransomware attacks on enterprises, as well as continued high rates of attack traffic throughout our global network of honeypots. Honeypot traffic was driven by action aimed at the SMB and Telnet protocols, indicating continued attacker interest in the Eternal Blue vulnerability as well as plenty of infected IoT devices. The end of the year also served as the end of the decade, prompting a look back at where we’ve come since 2010.

In this report, we cover the attack traffic seen by our global network of honeypots over the last six months of 2019, as well as malware seen by our customer endpoints throughout the year. We also take a trip down memory lane, revisiting cyber security highlights of the decade.


Filling the gap in IoT security to protect the connected home

Just a few years ago, service providers were adapting to consumers’ growing use of mobile devices and introducing solutions to secure not just computers, but smartphones and tablets. Fast forward to today, and consumers are quickly acquiring smart thermostats, light bulbs, TVs, gaming consoles and other connected things. What was once a trend in multi-device security is yielding to a trend in whole-home security.

Find out:

  • Why network-based security is not enough to safeguard your customers
  • Where we recommend for the security to be implemented
  • What we mean by layered approach


Connected Home Security: The Best Route is the Simplest Route

There are two certainties about the continued widespread development of connected homes. One, this phenomenon is happening before our eyes – consumers continue to bring home voice assistants, smart lighting, Wi-Fi enabled thermostats and other gadgets. And two, too many of those IoT devices that make our homes connected aren’t being built with your privacy or security in mind. Instead, they’re built to ship quickly. Forgotten are the details of securing them from today’s threats.

This second fact has become abundantly clear as the number of DDoS attacks have risen sharply, largely due to the proliferation of vulnerable IoT devices available on the internet. Netscout is just the latest to confirm this, reporting that DDoS attacks have increased 39% in the past year.* Insecure connected devices are attractive to online criminals, as they can easily infect them with malware, turn them into bots and harness their bandwidth for coordinated denial of service attacks.

While such attacks don’t generally make the mainstream news, consumers are not completely oblivious to the inherent risks of bringing connected “things” into the home. In a recent F-Secure survey, nearly half of respondents said their security concerns about connected devices affected their purchasing decisions.**

Still, as technology providers, we can’t expect the average user to take proactive steps to protect against online threats if our solutions aren’t intuitive and simple. Ideally, protecting a home from digital threats should be no more complicated for your customers than flipping a switch or plugging in a cable.

It starts with the home gateway

“Building a connected home with an insecure router is like building on quicksand, and that is something that is going to have to change if we want smart homes to be secure,” says Andrea Barisani, F-Secure’s head of hardware security.

Part of F-Secure’s hardware work involves pressure-testing home routers that ISPs and retailers make available to their customers, in order to answer a key question: Can it withstand attacks throughout its lifecycle? F-Secure helps router manufacturers and ISPs harden the security of their home gateways to build a rock-solid foundation for the connected home.

And it’s the humble home gateway that is the foundation for securing the future. After all, the router is already perfectly positioned to act as a defense against incoming threats. It’s also the simplest, most sensible way to protect every smart device in the home.

That’s why for over two years now, F-Secure has offered its secure SENSE router directly to consumers. And that’s why the company has answered the call to make the adoption of connected home security simple for consumers who use home routers supplied by their internet service providers. F-Secure now provides router makers and ISPs with an embedded Connected Home Security solution as a software development kit (SDK) mounted onto home WiFi routers.

This security cloud and artificial intelligence-powered kit turns a regular ISP WiFi router into one that protects home users and their internet-connected devices against malware, phishing and online tracking, and secures smart and IoT devices against cyber attacks.

This is the solution that secures consumers’ digital lives without burdening them with unnecessary information or actions. Operators can simply secure customers’ homes, whether those homes are already filled with connected things – or just beginning to be.

Outside the home

Of course, the need for security doesn’t end beyond the doorstep. The blanket of security that protects people’s connected homes must also cover them when on the go with their smartphones, tablets and laptops.

The simple way to secure consumers both at home and on the go is to provide a seamless combination of network security and endpoint protection. In this model, network security through the home router works in tandem with endpoint protection for devices capable of hosting security applications – laptops, smartphones and tablets. This way, all devices, both at home and away, are protected under one umbrella. F-Secure’s Connected Home Security solution integrates security for all these devices into a single, seamless experience for end users.

More benefits for the whole family

As important as blocking cyber threats is, there is even more to Connected Home Security. The solution acts as a convenient window to the home network, allowing users to view and manage security for each and every device that’s connected to their home Wi-Fi. This visibility gives users a greater feeling of control over their network and with it, more empowerment to solve network issues on their own.

While users gain visibility, parents also gain control over which devices their children are allowed to use to access the internet, and when. The solution lets parents set limits on their children’s internet usage by filtering out age-inappropriate or disturbing content and setting boundaries for online time.

Consumers need simple solutions for managing the complexities of the modern world – complexities such as the connected home and the risks that come with it. If your customers lock their doors at night, they probably want to lock down their internet connections as well. A holistic, seamless connected home security solution is the simplest way to do it.

*Source: Netscout Threat Intelligence Report H1 2019

**Source: Survey consisted of online interviews of 4,000 age, gender and income-representative respondents from five countries, 800 respondents per country: US, UK, France, Germany, and Brazil.

Smart Home Threat Landscape

The explosion of IoT devices in people’s homes and offices is attracting attention from cyber criminals. And thanks to the security problems commonly found in these devices, they present attackers with low hanging fruit to pick. According to F-Secure Labs, threats targeting weak/default credentials, unpatched vulnerabilities, or both, made up 87% of observed threats.

In late 2018, F-Secure’s network of reconnaissance honeypots servers observed a huge spike in threats targeting exposed telnet ports. Mirai uses this infection method to go after devices through default passwords. This explosion of attacks suggests that there is still plenty of “easy prey” out there and criminals are going after it. Of the attacks observed by F-Secure’s honeypots in 2018, 59%, were attacks targeting Telnet 4 – a trend F-Secure Labs attributes to the spread of Mirai malware.

Securing the smart home requires confronting the rampant vulnerabilities in IoT devices. In addition, the rising number of connected devices on home networks must be as secure as PCs and mobile devices. By inviting more and more tools into the home that can be used to track and observe consumers, security and privacy will play an increasingly crucial role in our lives.

Download this whitepaper to learn the following:

  • A quick history of IoT threats
  • Common IoT threat characteristics
  • How do we stop this growing attack vector in the smart home?

Managing Security with an Easy-to-Use App is Key to Success

Today’s homes are beginning to look and operate like homes of the future. Internet connectivity is continuing its expansion, spreading to more household appliances and devices. For service providers who are staying on top of the trends, the IoT is a wave that promises new avenues of opportunity.

Managing security, however, can be complex for consumers, who switch between devices, networks, and associated security applications. For example, one app manages security on-the-go, another offers security when using the service provider’s network, and a third app provides parental controls.

A far less complicated approach is one solution to secure consumers’ digital lives. Consumers simply want to feel protected, wherever they are and whatever device or network they use.

Download this whitepaper to learn more about:

  • Home visibility benefits users and operators
  • A smooth customer journey for protection on the go
  • Designed with the customer in mind

Major Concerns of Telecom Consumers in 2019

Cybersecurity is an arms race. Attackers constantly evolve their techniques, and in response, defenders continue to adapt their defenses. With each passing year, we witness the fallout from this in the form of data breaches, malware outbreaks, privacy infringements and other compromising scenarios that in the end affect telecoms customers, both consumers and businesses. These events continue to attract headlines, and rightly so, divert the public’s attention to the importance of cybersecurity in our ever-more connected world.

The exact events that will draw attention in 2019 are, like every year, impossible to predict and anyone’s guess. Cybersecurity is fast moving, always changing and often mysterious, given the anonymity of our adversaries. But overarching trends can be identified that will affect the course of the year in cyber.

Six experts at cybersecurity provider F-Secure, the leading partner to operators in value-added security solutions, shared their predictions for what to expect throughout the rest of 2019. From IoT to AI, organizational security to consumer concerns, here are the trends that experts predict will affect telecom customers this year.

Guide to Superior Cyber Security

Best practices and tips for protecting your business! 

Cyber security is simple enough on paper– maintain the integrity of your systems while keeping the attackers at bay. Things get much more complicated once you get down to practice, however. Limited budgets, lack of skilled personnel and low awareness on various security topics can all serve as barriers to achieving protection against modern cyber attacks.

One of the most pressing issues relates to visibility and clarity. Where are we currently with our security? What are we missing? Although most IT and security professionals are aware of the technologies and best practices in their field, it’s easy to lose sight of what’s important when you’re dealing with constantly changing digital environments and rapidly evolving external threats.

That’s why we’re here. If you need some tips – or want to refresh your memory – about how to get the essentials of cyber security right, this guide is for you. We go through the basic building blocks of a solid cyber security protocol, from risk assessment and endpoint protection to threat detection. Check how you’re doing – and start improving today!


Smart but Vulnerable IoT Devices Present an Opportunity for Home Broadband Providers

Internet-connected “things” are lacking in basic security protections, putting consumers at risk. Home broadband providers are in a unique position to protect their customers’ connected devices through value-added security solutions.

As the Internet of Things continues its advancement, our world is becoming smarter and smarter. Consumer televisions and security cameras are already connected to the internet. Adoption of connected thermostats, lights, security systems and voice assistants is growing fast, particularly in North America. Soon homes will have connected washing machines and toasters as well.

According to a 2018 PwC survey, ownership of smart devices in UK homes more than doubled in the previous two years. And according to a study from Parks Associates, more than 50% of US households with broadband plan to buy a smart home device in the coming year. A survey from Metova revealed that 74% of respondents think connected home devices are the wave of the future.

Vendor View image 1

No one is more aware of this trend than Mikko Hyppönen, Chief Research Officer at leading cyber security provider F-Secure. Hyppönen has been fighting computer viruses and defending cyber space since his tenure at F-Secure began in 1991, before most people even knew about the internet. The advent of connected “things” has opened up a new frontier of cyberspace in need of guardians like him to protect it.

“Everything is becoming a computer,” says Hyppönen. This matters because, as he says in an apt aphorism that he’s self-coined as Hyppönen’s Law, “If it’s smart, it’s vulnerable.”

“So here’s a smart phone—vulnerable phone,” Hyppönen says. “Here’s a smart watch—vulnerable watch. Smart car, smart city, smart grid…You get my point.”

The essence of Hyppönen’s Law is that anything that can be programmed can also be hacked. When we add connectivity to the appliances and gadgets around us, we open ourselves and our homes up to potential compromise by malicious actors from afar. Almost all these connected devices use the home gateway Wi-Fi password, yet all are lacking in basic security protections.

Home broadband providers are in the unique position of managing these gateways. Given the relationship of trust already established with customers, broadband providers are well positioned to help consumers deal with the growing complexities of the connected world. By partnering with a cyber security provider like F-Secure, home broadband providers can help consumers keep their living spaces secure, even as homes become smarter.

Connected and compromised

That the IoT has security challenges is being acknowledged by no less than the FBI and Interpol. Both agencies have issued statements in the past year warning about the dangers of connected things.

“Cyber actors actively search for and compromise vulnerable Internet of Things devices for use as proxies or intermediaries for Internet requests to route malicious traffic for cyber-attacks and computer network exploitation,” the FBI warned. “Cyber actors typically compromise devices with weak authentication, unpatched firmware or other software vulnerabilities, or employ brute force attacks on devices with default usernames and passwords.”

The warning echoes a similar finding in a 2018 F-Secure report, Pinning Down the IoT: “In its current form the Internet of Things represents a considerable threat to consumers, due to inadequate regulations regarding its security and use.”

According to the FBI, cyber criminals are leveraging compromised IoT devices for various nefarious activities, such as sending spam emails; generating click fraud activities; buying, selling and trading illegal images and goods; and conducting credential stuffing attacks, which involves testing stolen passwords on website login pages using an automated script.

In the wider context, they can also be used in distributed denial of service (DDoS) attacks on organizations to shut down servers or services. One of the most powerful DDoS attacks ever seen took place in October 2016 when a botnet targeted the systems of a major DNS provider, rendering the internet unavailable to users in many areas of Europe and North America. The ensuing investigation revealed that the botnet had been made up not of conventional computers, but of connected gadgets like IP cameras and baby monitors. The devices were infected with a special type of malware that targets IoT devices, exploiting devices on which the factory default login credentials had not been changed.

Closer to home, what impact can a compromised IoT device have on the average consumer? Device owners may notice spikes in internet usage and increased monthly bills or slow performance of a device or connection. There can potentially be even deeper, more personal effects. In recent years, stories have emerged of vulnerable webcams leaving consumers open to peeping tom hackers and vulnerabilities in critical technology like implantable cardiac devices and baby heart monitors.

Inherently insecure?

Compared with conventional computers, laptops and smartphones, connected “things” present their own unique challenges to security, an issue that begins with the very design of a product. Real world product companies, although they manufacture useful home appliances, toys and everything else you can touch and feel, often know little about information security. It’s no surprise that in their smart products, security is not given the priority it deserves.

These companies focus on how desirable and useful their product is, not on how secure it is. They worry about whether their product is easy to use, not about whether it can be remotely hacked. And to keep costs down and move products out the door, they often sell products built with chips that use outdated software. Such devices may have grave security flaws from the beginning.

Even if these companies were concerned about security, the miniature size of many IoT devices creates challenges. Limited size and processing power narrow the options for security measures. A given computer, smartphone or tablet can have third party security software installed to protect it; this is not the case with connected things. There is no way to install security onto a smart surveillance camera or a smart fitness tracker.

Compounding the problem is the difficulty with updating vulnerable software in IoT devices. Many smaller devices are low cost, and if a vulnerability is discovered on such a device it may be difficult to update the software and then to let customers know about a fix. Even if customers were notified, they would have to have the know-how to download and install the patch.

How smart is smart?

For consumers, there are already “smart” hairbrushes, luggage, even condoms. Almost half the homes in America have a smart TV. New F-Secure research confirms that the only thing preventing even faster adoption of smart devices that connect to the internet is the privacy and security concerns of the people who are most excited about this technology. While 89% of early tech adopters in the UK said they are excited about IoT, 66% also reported being concerned about malware and hacking.

For businesses, the move to connecting almost everything has been happening since before this decade began. To get a sense of how far along we are in the computerization of the world, Hyppönen advises visiting a factory, where companies rely on industrial control systems for billions if not trillions of dollars of commerce.

“When everything is becoming a computer, companies get hacked in surprising ways,” he says. For an example, he points to one of the largest credit card breaches in history—the 2014 hack of US department store retailer Target, which exposed the data of up to 70 million customers.

“In this case, the actual credit numbers were lost as customers were paying at the cashier desks…The shop’s own credit card terminals were stealing the credit card numbers.” The attackers had found a way in through the computers that controlled the ventilation systems, and had worked their way over to infiltrating the POS systems.

When everything is connected, everything must be protected

Anything that can be programmed can be hacked, and like the Target case, it may be hacked to get to something else that’s far more interesting than just the ventilation system.

“They are not hacking your washing machine or your fridges to gain access to your washing machine or to your fridge,” Hyppönen told Nasdaq’s Tomorrow’s Capital. “They are hacking those devices to gain access to your home network…The weakest link in the home network is an IoT device, and we have seen this multiple times. Company networks get breached because of ventilation-automation systems which have nothing to do with your laptops or your servers, but they are computers because everything is becoming a computer.”  In the same way, home networks can get compromised through the most innocuous smart device…smart, remember, meaning vulnerable.

There’s no easy solution for securing the Internet of Things. In order to experience all the benefits of the IoT without scary scenarios of cyber criminals accessing our data and controlling us via our Things, we have to begin by coming to grips with what it’s going to be like to live in a future governed by Hyppönen’s Law.

Home Wi-Fi security

The good news is the problem is recognized, and bold new solutions are available – and it’s up to home broadband providers to bring these solutions to their customers. According to an F-Secure survey*, 60% of consumers said they would purchase their security and privacy services from their internet service provider. Partnering with a cyber security partner to offer value-added IoT security solutions on top of broadband services is one way a broadband provider can secure their customers’ connected lives, and in doing so, enhance their own brand loyalty and trust.

Home Wi-Fi security from F-Secure gives broadband customers protection for every internet-connected device in their home – from smart TVs to gaming consoles, thermostats, wireless printers and baby monitors, to traditional computers and mobile devices. IoT devices are protected against malicious websites and other online threats with breakthrough SENSE technology from F-Secure. Consumers also receive notifications if their devices begin to exhibit odd behaviour. Home broadband providers can enhance their proposition and increase their addressable market with leading-edge, worry-free security for consumers and small businesses.

A more secure tomorrow

Everything is becoming a computer, so everything is vulnerable. This is already true for our businesses and it’s becoming truer and truer for our homes. Our personal sanctuaries where we live, work, and play need to be shielded from the dark underbelly of the internet. Home broadband providers are already providing the bandwidth that powers our connected home and all its devices; it just makes sense to also be part of the solution for protecting these devices, their owners, and the connected home.

*[F-Secure Consumer Research: 4 years-12 countries-20,000 consumer interviews-15 million data points]