Menu

IoT FEATURE NEWS

Unpatched IoT Vulnerabilities are Still a Big Problem, Akamai Research Says

By

The Mirai DDoS attack, using unsecured IoT devices as a vector, has hopefully awakened the industry to the necessity of incorporating security into solutions. Not as an afterthought, but as a business-critical function of all development from here on out. And, if you’re still not convinced, don’t worry there’s more to come.

Akamai Technologies, a provider of content delivery network (CDN) services, has published new research from its Threat Research team in which researchers Ory Segal and Ezra Caltum have identified several recent attacks leveraging a 12-year old vulnerability in OpenSSH to compromise IoT devices. The tem is calling it the SSHowDowN Proxy. A full report detailing the attacks is available for download here.

This research is not about a new vulnerability. In fact, it’s worse. This is a long-standing and continuing weakness in many default configurations of Internet-connected devices. The company says that this type of attack is now actively being exploited in mass-scale attack campaigns against its customers.

The report details that these SSHowDowN Proxy attacks originate from the following types of devices: CCTV, NVR, DVR devices (video surveillance); satellite antenna equipment; Networking devices (Routers, Hotspots, WiMax, Cable and ADSL modems); and Internet-connected NAS devices (Network Attached Storage).

Compromised devices can be and are being used to mount attacks against Internet targets and Internet-facing services like HTTP, SMTP and Network Scanning, and against the internal networks that host these connected devices.

“We're entering a very interesting time when it comes to DDoS and other web attacks; ‘The Internet of Unpatchable Things’ so to speak,” said Ory Segal, senior director, Threat Research, Akamai. “New devices are being shipped from the factory not only with this vulnerability exposed, but also without any effective way to fix it. We've been hearing for years that it was theoretically possible for IoT devices to attack. That, unfortunately, has now become the reality.”

Akamai also recommended several ways to address this vulnerability. It’s important to change SSH password sand keys from the vendor defaults, of course, and if the device can offer file system access, there are coding solutions, including: adding “AllowTcpForwarding No” into the global sshd_config file, and adding “no-port-forwarding” and “no-X11-forwarding” to the ~/ssh/authorized_ keys file for all users.

If you can’t use either of the above fixes, or if SSH access is not required for normal operations, just go ahead and disable SSH entirely via the device's administration console.

Devices located behind a firewall can be protected by disabling inbound connections to port 22 and allowing only the minimal set of required ports to operate outbound traffic.

This stuff is no longer optional, so get off your complacent laurels and stop talking about how important security is to your company, because you aren’t doing enough. 




Edited by Stefania Viscusi
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Editorial Director

SHARE THIS ARTICLE
Related Articles

Texas Passes Unique AI Laws

By: Carl Ford    7/3/2025

What is the new Texas AI law all about and what does it mean for businesses and government entities?

Read More

I've Asked the Security Experts, But It's Time You Have Your Say

By: Carl Ford    6/27/2025

Security experts are quick to say they know what's happening, but here's your opportunity to weigh in on the state of cybersecurity in IoT.

Read More

Mary Meeker Returns with AI and Breezes Past AIoT

By: Carl Ford    6/26/2025

We are entering an era where intelligence is not just embedded in digital applications, but also in vehicles, machines, and defense systems

Read More

Nothreat Fights AI Fire with AI in Firewalls

By: Carl Ford    6/26/2025

According to Nothreat, the only way to fight AI cyber threats in IoT with AI is to go beyond detection and into active containment, deception, and aut…

Read More

How Kapitus is Reshaping SMB Funding

By: Carl Ford    6/16/2025

Kapitus is a financial institution that provides various financing solutions to SMBs, operating as both a direct lender and a financing marketplace.

Read More