Microsoft blames Strontium for hacking IoT devices

The Microsoft Security Response Center has published a post according to which, in April this year security researchers at Microsoft discovered that attempts had been made to compromise popular IoT devices (a VoIP phone, an office printer, and a video decoder) across multiple customer locations. The investigation revealed that the perpetrator used these devices to gain access to corporate networks. In two of the cases, the passwords for the devices were deployed without changing the default manufacturer’s passwords, and in the third case, the latest security update had not been applied to the device. These vulnerabilities enabled the attacker to establish a presence on the network and to look for further access. The team attributed the attacks to Strontium and notified those who were targeted. An analysis revealed that one in five attacks is made against non-governmental organisations, think-tanks, or politically affiliated organisations around the world. The remaining 80% of the attacks target organisations in the following sectors: government, IT, military, defense, medicine, education, and engineering. The team also discovered attacks against Olympic organising committees, anti-doping agencies, and the hospitality industry.