Armis, the cyber-security firm that discovered the BlueBorne vulnerabilities in the Bluetooth protocol, warns that nearly half a billion of today's "smart" devices are vulnerable to a decade-old attack known as DNS rebinding.
Spurred by recent reports regarding DNS rebinding flaws in Blizzard apps, uTorrent, and Google Home, Roku TV, and Sonos devices, the company has recently analyzed the impact this type of attack has on Internet-of-Things-type of devices.
DNS rebinding attacks are when an attacker tricks a user's browser or device into binding to a malicious DNS server and then make the device access unintended domains.
DNS rebinding attacks are normally used to compromise devices and use them as relay points inside an internal network. A typical DNS rebinding attack usually goes through the following stages:
Armis says that IoT and other smart devices are perfect for attackers to target via DNS rebinding, mainly due to their proliferation inside enterprise networks, where they can play a key role into facilitating reconnaissance and data theft operations.
Experts say that following their investigation, they found out that nearly all types of smart devices are vulnerable to DNS rebinding, ranging from smart TVs to routers, from printers to surveillance cameras, and from IP phones to smart assistants.
All in all, experts put the number of vulnerable devices in the hundreds of millions, estimating it at roughly half a billion.
Patching all these devices against DNS rebinding attacks is a colossal task that may never be done, requiring patches from vendors that can't be bothered with security for trivial flaws like XSS and CSRF vulnerabilities, let alone complex attacks such as DNS rebinding.
But Armis experts say that integrating IoT devices into current cyber-security monitoring products may be the easiest and cost-effective solution, rather than looking and auditing new devices to replace the old ones.
Because IoT security has been a proverbial shitshow for the past year, the cyber-security market has reacted and adapted, and there are now many firms that provide specialized platforms for monitoring IoT devices for enterprises which want to avoid nasty surprises.
For example, just recently PIR Bank of Russia got a nasty surprise when discovered that hackers stole $1 million after they breached its network thanks to an outdated router.
It's not the 2000s anymore, and any respectable company nowadays must update its threat model to account for IoT devices, regardless if their vulnerable to DNS rebinding or any other flaw.