With the push for widespread proliferation of WiFi/IP-based IoT devices, this will become more commonplace. This is another premise for non-WiFi IoT devices that run on closed networks such as Z-Wave, Zigbee, Lutron ClearConnect, etc. Devices residing on standard IP networks will likely become targets for these types of attacks. It is estimated that by the year 2020 some 50 billion IoT devices will be deployed worldwide. Today, the number of deployed IoT devices outnumbers the population of personal computers and mobile phones combined. With each networked IoT device having its own separate network stack, these collective devices present a formidable vulnerability.
As long as the Hubitat Elevation hub and associated hubs that sit on the IP network are secure, the closed home automation IoT network will be less likely a target. The HE platform, being a local, non-cloud-based platform, will further help protect the HE ecosystem from these types of attacks. I don't think that most people are considering how vulnerable their IoT control platforms are to attacks, and I also think that the next "big" attack will target these types of devices. Keeping the HE hub (and ancillary hubs, i.e. Lutron, etc.) secure is critical to the health and security of our homes that use these types of integrated systems.
Overview
Internet of Things (IoT) devices, like smart thermostats, Alexa/Google Home/etc., smart TVs, and a host of other appliances and devices that do not require connections to a computer or mobile phone to operate but do connect directly to the Internet, are difficult to secure.
Three such devices – a Voice over IP phone, an Internet-connected printer, and a device used for video transmission operations – were recently targeted for attack by a hacking group identified with Russian state-sponsored attacks. These attacks used the IoT devices as a “landing point” to attack additional targets on the company network, as breaking into the IoT devices was far easier than directly attacking more rigorously secured data systems.
What is the threat?
Microsoft has reported that in April its Threat Intelligence Center discovered a targeted attack against IoT devices: a VoIP phone, a printer and a video decoder. Specifics as to the make and model of these devices were not released to the public. The attack hit multiple locations, using the devices as soft access points into wider corporate networks. Two of the three devices still carried factory security settings; the software on the third hadn't been updated. Microsoft said hackers used the compromised IoT devices as an entry point into their targets' internal networks, where they then scanned for other vulnerable systems to expand this initial foothold.
Importance?
The attack has been attributed to one of Russia's elite state-sponsored hacking groups, which is going after IoT devices as a way to breach corporate networks, from which it pivots to other, more high-value targets. Microsoft attributed the attacks to a group it called Strontium, which is also commonly known as APT28 or Fancy Bear. This group has allegedly been previously involved in the DNC hack of 2016 and, according to an indictment filed in 2018 by US officials, has been identified as Unit 26165 and Unit 74455 of the Russian military intelligence agency GRU.