BOSTON, August 11, 2016 /PRNewswire/ --
CyberX, the leading provider of cybersecurity solutions for the Industrial IoT (IIoT), announced it has revealed the first Internet of Things (IoT) worm which is aimed at Closed-Circuit Television devices. The malware marks a new level of IoT attacks, only days after another advanced attack on IoT devices was declared as "no longer a hypothetical attack" at DEF CON 2016. These discoveries come at a time when Internet-connected devices are growing at an exponential rate due to the proliferation of IoT platforms such as PTC's ThingWorx and General Electric's Predix, and the corresponding consequences of attacks are estimated to be hundreds of millions of dollars.
The malware was revealed as part of the research of a global cyber security campaign, dubbed RADIATION by the CyberX research team. The uniqueness of this campaign can be attributed to the targeting of IoT devices and the enhancement of an existing family of malware for that purpose. The malware infected organizations in multiple industries, with the highest number of victims residing in Taiwan, US and Israel. The RADIATION campaign is categorized as an IoT Distributed Denial of Service (DDoS) campaign. The discovery of RADIATION comes only days following a demonstration of another advanced IoT attack, which was referred to as the "first ransomware for IoT thermostats" in DEF CON 2016.
"This event is a cornerstone in the evolution of IoT security. These advanced threats are shaping before our very eyes, and should not be taken lightly," said Omer Schneider, CEO & Co-Founder of CyberX. "RADIATION demonstrates the continuously evolving skillset of attackers. It is only the beginning of what we believe to be the dawn of IoT cyber campaigns," said Nir Giller, CTO & Co-founder of CyberX. "Ranging from manipulation of infusion pumps to ransomware for IoT thermostats, IoT environments are becoming high value targets."
The CyberX research team started investigating RADIATION following a notification which was generated by XSense, the CyberX flagship solution for Industrial IoT environments. The team also discovered that RADIATION was already utilized to inflict DDoS attacks. One of its victims include SKAT, the Danish Customs and Tax Administration. The complete RADIATION report can be found on the CyberX website.
CyberX leads the way in securing the Industrial Internet by providing complete visibility into the IIoT environment as well as real-time detection and alerts of operational incidents, cyber threats and system tampering, thus minimizing disruption to operations and downtime. Seamlessly connecting to any IIoT environment, our flagship platform XSense, which harnesses IFSM technology, provides immediate results by collecting data across the IIoT environment and utilizing Big Data and Machine Learning to optimize the detection of anomalous behaviors.
Serving customers worldwide, CyberX is a member of the Industrial Internet Consortium (IIC) and ICS-ISAC and was recognized by Gartner as a 2015 Cool Vendor in Security for Technology and Service Providers. Named "Best Product in ICS/SCADA Security Solution of 2016" by Cyber Defense Magazine at RSA, its research is considered cutting edge, contributing zero-day vulnerability discoveries to both the US Department of Homeland Security and industrial vendors. CyberX is also a member of the Israeli national consortium chosen to provide cyber solutions for the Tokyo 2020 Summer Olympics, which is supported by Foreign Trade Administration of the Ministry of Economy and Industry and the Israel's National Cyber Bureau of the Prime Minister's Office.
Romit Barratson Sagi
Director of Marketing