{"id":8555,"date":"2023-03-02T05:59:15","date_gmt":"2023-03-02T13:59:15","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=8555"},"modified":"2023-03-02T06:00:52","modified_gmt":"2023-03-02T14:00:52","slug":"securing-the-insecure-addressing-the-iot-threat-landscape","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/","title":{"rendered":"Securing the Insecure: Addressing the IoT Threat Landscape"},"content":{"rendered":"<h3><strong>Author:  Mrigank Gupta<\/strong><\/h3>\n<p>&nbsp;<\/p>\n<h3>The IoT Threat Vector That Should Be on Your Radar, But Isn\u2019t<\/h3>\n<p><em>The Internet of Things (IoT) represents truly world-changing technology. But it also introduces significant cyber risk for security operations everywhere. In this post, we will explore one threat pathway that you likely are not aware of and three common forms of attack that exploit it.<\/em><\/p>\n<p>There is no more potent launch vehicle for Industrial revolution 4.0 than IoT. The telemetry data transmitted by IoT\u2019s billions upon billions of Internet-connected sensors and devices make possible radical improvements in the way we deliver better, more personalized healthcare, manage urban infrastructure, run factories, drive cars, keep homes secure and lower the costs for heating and cooling residences and businesses. Increasingly, embedded IoT sensors are being incorporated into jumbo jets, medical diagnostic equipment, industrial robots, drones, CCTV cameras, lighting systems, washing machines, smart watches, fitness bands, baby monitors and thousands of other products. Billions more IoT devices are on the way.<\/p>\n<p>But for cyber security organizations, IoT\u2019s transformational benefits come with one enormous catch: the vast majority of those billions of IoT devices are fundamentally insecure. For many security professionals, this may not be news. It is well known in security circles that most IoT devices ship without traditional security controls. Many \u201cdevices\u201d consist of little more than smart microchips. There are no standardized security protocols for IoT products. Most also lack operating systems that can be secured or patched.<\/p>\n<p>As IoT becomes more entrenched in industry and in our homes, cybercriminals are paying close attention. They have skillfully shifted their focus to exploiting IoT\u2019s insecurities. &#8220;We observe that as consumers\u2019 interest in smart devices increased, so did attacks,\u201d notes Dan Demeter, a security specialist at Kaspersky. In the first half of 2021 alone, attackers launched 1.5 billion assaults against smart devices to steal data, mine bitcoin or set up botnets, an increase of more than 100 percent over the previous half-year.<\/p>\n<h3>IoT\u2019s Hidden Vulnerability: DNS, DHCP and IP Address Management<\/h3>\n<p>It is general knowledge among security professionals that IoT devices can be susceptible to physical tampering and brute force attacks. What is far less well known is how the most insidious IoT attacks unfold\u2014and what specific vectors they target. Those vectors include the Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP) and IP address management. Every IoT-connected sensor has an IP address and invokes DNS and DHCP continuously when transmitting telemetry data. Some of today\u2019s most urgent IoT-based attacks make use of these core network services in their execution.<\/p>\n<h3>How IoT Attacks Use Network Services<\/h3>\n<p>Most security organizations are unaware that the network services they are tasked with securing have in a few short years become the vectors of choice for malicious hackers and rogue state actors intent on capitalizing on IoT\u2019s vulnerabilities. To understand how threat actors leverage essential network services in IoT attacks, let\u2019s consider a server room used by a large global enterprise.<\/p>\n<p>The room consists of computer servers of various form factors, such as rack-mounted or in tower or blade enclosures. Each server incorporates sensors that communicate the server\u2019s temperature status continuously over the Internet. That temperature data is conveyed over DNS. Server temperatures increase when under full load. Cybercriminals who know how to hack into DNS traffic can monitor those temperature changes. They can then time their attacks against those servers to coincide with when the servers are operating at full capacity, hence maximizing the damage from attacks.<\/p>\n<h3>Three Common IoT Attacks That Exploit Essential Network Services<\/h3>\n<p>Three of the most common IoT-based cyber threats that target essential network services include distributed denial-of-service (DDoS), man-in-the-middle (MITM) and ransomware attacks. Here\u2019s a quick look at each and how they work.<\/p>\n<p><strong>IoT DDoS Attacks<\/strong><\/p>\n<p>A common form of IoT-based DDoS attack targets the DHCP protocol. DHCP is used to automatically assign IP addresses to endpoints. For our purposes, that would be any IoT device on a network. To assign IP addresses, DHCP uses packets of data consisting of various messages, including a category called Discover messages.<\/p>\n<p>In an IoT-based DDoS attack, threat actors use what are known as DHCP starvation tactics. An attacker floods fake or spoofed DHCP Discover messages with spoofed MAC addresses. In an attempt to assign IP addresses, the DHCP server will in turn try to respond to all of these bogus Discover messages. In the process, the DHCP server\u2019s pool of IP addresses is exhausted by the spoofed requests. As a consequence, no legitimate user can get an IP address assigned through DHCP. The end result is a DDoS attack that essentially takes the network down.<\/p>\n<p><strong>IoT Man-in-the-Middle Attacks<\/strong><\/p>\n<p>A man-in-the-middle (MITM) attack is a general term for when an attacker disrupts the conversation between a user and an application. Information is on the way. The purpose of the attack is to steal personal information such as login credentials, account information, and credit card numbers. Targets are most often users of financial applications, SaaS companies, e-commerce websites, and any other website that requires a login. Information captured during an attack can be used for a variety of purposes, including identity theft, unauthorized money transfers, and unauthorized password changes. MITM can gain a foothold within a secure perimeter during the intrusion stage of an Advanced Persistent Threat (APT) attack.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-8556 aligncenter\" src=\"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/iot-blog-post.png\" alt=\"\" width=\"904\" height=\"459\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iot-blog-post.png 904w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iot-blog-post-300x152.png 300w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/iot-blog-post-768x390.png 768w\" sizes=\"auto, (max-width: 904px) 100vw, 904px\" \/><\/p>\n<p>IoT gives threat actors endless avenues to perpetuate MITM attacks. For instance, in the DDoS example above, imagine if an attacker were to set up a rogue DHCP server to assign IP addresses to legitimate users. This bogus server can also provide users with gateway routers and DNS servers. All network traffic can then be routed through the attacker\u2019s machine, placing the attacker squarely in the middle of all communications between devices and destinations, free to insert APTs or other forms of attack. <\/p>\n<p>A type of IoT attack closely related to MITM is data eavesdropping. Let\u2019s say eavesdropper, E, taps into the messages and commands in the network during communication (via DNS and DHCP traffic) and obtains confidential messages. A server at E sends fake commands that a server, S, assumes are from legitimate devices or applications. S issues responses for the device operations in response to requests from E. E listens to these responses. A fake device at E can then be used to send the device data, such as sensor data, requests, and commands from E for disrupting, say, a control system. <\/p>\n<p><strong>IoT Ransomware Attacks<\/strong><\/p>\n<p>Ransomware is among the most notorious IoT cyber threats. In this attack, hackers use malware to hold an organization\u2019s critical data hostage through encryption or to adversely affect assets on the network. Threat actors agree to decrypt the data or to stop manipulating assets only after receiving ransom money. <\/p>\n<p>To imagine how such an attack works, we need only look at the server room example we talked about earlier. Researchers have revealed the potential impact of ransomware using an IoT-connected smart thermostat. In one demonstration, researchers showed how attackers can gain remote control of the thermostat (by way of network services communications) and raise the temperature of the server room, putting server functionality at risk, until a ransom is paid. <\/p>\n<p>Similar ransomware attacks can target smart home devices. In this scenario, attackers send notifications to homeowners to pay ransom to regain control of their IoT-connected systems.<\/p>\n<h3>Defending Networks against IoT Attacks<\/h3>\n<p>With IoT, security operations face a daunting challenge. They have to find ways to protect thousands of inherently insecure IoT devices, devices that in many instances inadvertently provide attackers with an opening into the network. While it is impossible to adequately secure IoT devices themselves, security teams can harden their networks against IoT threats by simply securing the essential network services, including DNS, DHCP and IP address management, that attacks require in order to execute. The right security solutions make these services inherently secure and stop IoT attacks in their tracks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Author: Mrigank Gupta &nbsp; The IoT Threat Vector That Should Be on Your Radar, But Isn\u2019t The Internet of Things (IoT) represents truly world-changing technology. But it also introduces significant cyber risk for security operations everywhere. In this post, we will explore one threat pathway that you likely are not aware of and three common [&hellip;]<\/p>\n","protected":false},"author":381,"featured_media":8366,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[234,532,849,339,288],"class_list":{"0":"post-8555","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-iot","9":"tag-cybertattack","10":"tag-mitm","11":"tag-apt","12":"tag-ransomware","13":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>The IoT Threat Vector You\u2019re Not Aware Of: Common Forms of Attack | Infoblox<\/title>\n<meta name=\"description\" content=\"The IoT brings immense benefits but also significant cyber risk, and most IoT devices are fundamentally insecure. Learn about one hidden threat pathway and the three most common forms of attack that exploit it, including DDoS, MITM, and ransomware attacks.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Securing the Insecure: Addressing the IoT Threat Landscape\" \/>\n<meta property=\"og:description\" content=\"The IoT brings immense benefits but also significant cyber risk, and most IoT devices are fundamentally insecure. Learn about one hidden threat pathway and the three most common forms of attack that exploit it, including DDoS, MITM, and ransomware attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2023-03-02T13:59:15+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-03-02T14:00:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-08.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"408\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Infoblox Technical Marketing Engineering Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Infoblox Technical Marketing Engineering Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/\"},\"author\":{\"name\":\"Infoblox Technical Marketing Engineering Team\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/e3ac3e77dcba80e09473e902f9db015b\"},\"headline\":\"Securing the Insecure: Addressing the IoT Threat Landscape\",\"datePublished\":\"2023-03-02T13:59:15+00:00\",\"dateModified\":\"2023-03-02T14:00:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/\"},\"wordCount\":1327,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-08.jpg\",\"keywords\":[\"IoT\",\"cybertattack\",\"MITM\",\"apt\",\"Ransomware\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/\",\"name\":\"The IoT Threat Vector You\u2019re Not Aware Of: Common Forms of Attack | Infoblox\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-08.jpg\",\"datePublished\":\"2023-03-02T13:59:15+00:00\",\"dateModified\":\"2023-03-02T14:00:52+00:00\",\"description\":\"The IoT brings immense benefits but also significant cyber risk, and most IoT devices are fundamentally insecure. Learn about one hidden threat pathway and the three most common forms of attack that exploit it, including DDoS, MITM, and ransomware attacks.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-08.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/security-image-08.jpg\",\"width\":612,\"height\":408},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/securing-the-insecure-addressing-the-iot-threat-landscape\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Securing the Insecure: Addressing the IoT Threat Landscape\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/e3ac3e77dcba80e09473e902f9db015b\",\"name\":\"Infoblox Technical Marketing Engineering Team\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar-thumbnail-tme-96x96.png\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar-thumbnail-tme-96x96.png\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar-thumbnail-tme-96x96.png\",\"caption\":\"Infoblox Technical Marketing Engineering Team\"},\"description\":\"The TME team has responsibility in several areas from building demonstrations that showcase Infoblox products and integrations with 3rd party solutions, competitive intelligence and testing, along with producing deployment guides and video\u2019s. All of this is to help customers maximize their investment in Infoblox technology and improving their ability to secure their business.\",\"sameAs\":[\"http:\\\/\\\/www.infoblox.com\"],\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/tme-team\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"The IoT Threat Vector You\u2019re Not Aware Of: Common Forms of Attack | Infoblox","description":"The IoT brings immense benefits but also significant cyber risk, and most IoT devices are fundamentally insecure. Learn about one hidden threat pathway and the three most common forms of attack that exploit it, including DDoS, MITM, and ransomware attacks.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/","og_locale":"en_US","og_type":"article","og_title":"Securing the Insecure: Addressing the IoT Threat Landscape","og_description":"The IoT brings immense benefits but also significant cyber risk, and most IoT devices are fundamentally insecure. Learn about one hidden threat pathway and the three most common forms of attack that exploit it, including DDoS, MITM, and ransomware attacks.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/","og_site_name":"Infoblox Blog","article_published_time":"2023-03-02T13:59:15+00:00","article_modified_time":"2023-03-02T14:00:52+00:00","og_image":[{"width":612,"height":408,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-08.jpg","type":"image\/jpeg"}],"author":"Infoblox Technical Marketing Engineering Team","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Infoblox Technical Marketing Engineering Team","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/"},"author":{"name":"Infoblox Technical Marketing Engineering Team","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/e3ac3e77dcba80e09473e902f9db015b"},"headline":"Securing the Insecure: Addressing the IoT Threat Landscape","datePublished":"2023-03-02T13:59:15+00:00","dateModified":"2023-03-02T14:00:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/"},"wordCount":1327,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-08.jpg","keywords":["IoT","cybertattack","MITM","apt","Ransomware"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/","url":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/","name":"The IoT Threat Vector You\u2019re Not Aware Of: Common Forms of Attack | Infoblox","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-08.jpg","datePublished":"2023-03-02T13:59:15+00:00","dateModified":"2023-03-02T14:00:52+00:00","description":"The IoT brings immense benefits but also significant cyber risk, and most IoT devices are fundamentally insecure. Learn about one hidden threat pathway and the three most common forms of attack that exploit it, including DDoS, MITM, and ransomware attacks.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-08.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/security-image-08.jpg","width":612,"height":408},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/securing-the-insecure-addressing-the-iot-threat-landscape\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Securing the Insecure: Addressing the IoT Threat Landscape"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/e3ac3e77dcba80e09473e902f9db015b","name":"Infoblox Technical Marketing Engineering Team","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar-thumbnail-tme-96x96.png","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar-thumbnail-tme-96x96.png","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar-thumbnail-tme-96x96.png","caption":"Infoblox Technical Marketing Engineering Team"},"description":"The TME team has responsibility in several areas from building demonstrations that showcase Infoblox products and integrations with 3rd party solutions, competitive intelligence and testing, along with producing deployment guides and video\u2019s. All of this is to help customers maximize their investment in Infoblox technology and improving their ability to secure their business.","sameAs":["http:\/\/www.infoblox.com"],"url":"https:\/\/www.infoblox.com\/blog\/author\/tme-team\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/8555","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/381"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=8555"}],"version-history":[{"count":2,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/8555\/revisions"}],"predecessor-version":[{"id":8559,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/8555\/revisions\/8559"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/8366"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=8555"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=8555"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=8555"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}