. home.aspx


Microsoft: Russian state hackers are using IoT devices to breach enterprise networks

August 05, 2019 / CATALIN CIMPANU

One of Russia's elite state-sponsored hacking groups is going after IoT devices as a way to breach corporate networks, from where they pivot to other more high-value targets.Attacks have been observed in the wild said the Microsoft Threat Intelligence Center, one of the OS maker's cyber-security divisions.The OS maker attributed the attacks to a group it calls Strontium, but is also commonly known as APT28 or Fancy Bear.This group has been previously involved in the DNC hack of 2016, and which, acording to an indictment filed in 2018 by US officials, has been identified as Unit 26165 and Unit 74455 of the Russian military intelligence agency GRU. Microsoft said that in April this year, its staff spotted Strontium attempting "to compromise popular IoT devices across multiple customer locations."The hacker group tried to exploit a VOIP phone, an office printer, and a video decoder, Microsoft said."The investigation uncovered that an actor had used these devices to gain initial access to corporate networks," the Redmond-based company said. "In two of the cases, the passwords for the devices were deployed without changing the default manufacturer's passwords and in the third instance the latest security update had not been applied to the device."