Armis, a company specializing in cyber security, found that about 500 million modern "smart" devices are vulnerable to an attack called "DNS rebinding." Researchers say that the Internet of things is great for this type of attacks because of deep integration with corporate workflows.
What is DNS rebinding?
An attacker should attach the victim device to malicious DNS and then use it to unintentionally access different domains. DNS rebinding can be used to collect information, start other malicious processes, and the victim device itself plays the role of an intermediate link in the internal network.
In the course of the investigation, the specialists found out that almost all types of IoT devices are subject to attack by DNS rebinding: from routers to IP-cameras and from multimedia players to TV sets. They argue that "smart" devices "perfectly" cope with ensuring the penetration of intruders into internal corporate networks and theft of important data. Experts published a table with the types of vulnerable devices and their number, which reaches 500 million.
DNS Rebinding Table
According to Armis, fixing vulnerabilities on all devices is too time-consuming and expensive process for large manufacturers. They argue that vendors simply do not pay attention to minor vulnerabilities such as cross-site scripting (XSS) and cross-site forgery (CSRF), which provide opportunities for DNS reconnection.
Instead, experts suggest the introduction of cyber security monitoring systems instead of waiting for the replacement of old devices with new ones.