The group, who last month threatened to attack UK hospital ventilators, has and can hijack everyday items from external hard drives to security cameras and use them to create a virtual army of devices to carry out cyber attacks, Daniel dos Santos tells express.co.uk. Mr Santos is the Head of Security Research at Forescout Technologies – a cybersecurity firm.
Forescout has been researching what kinds of devices hackers typically use in an attack, the company discovered that the devices most likely to be hijacked were much more simple than personal computers.
Mr Santos said: “It’s more things like IP cameras, home routers, network attached storage devices.”
Many Britons have these devices in their homes, and sometimes people don’t change the default passwords, making it easier for hackers to hijack devices to use in attacks.
He added: “So it’s basically this IoT class of device that either private citizens or organisations tend to misconfigure in the way that they are connected to the network. Oftentimes, there is a default password, then they get exposed on the internet with that [default] password.
“A lot of these devices get compromised, and then they use those devices to attack the target. And because, again, a DDoS attack is pretty simple. So you don’t need a powerful computer, any, any small device can be used for that.
“And if you have, like an army of these devices, a botnet of these devices, then it’s very simple to [launch an attack].”
DDoS attacks use so-called “botnets” or armies of hijacked devices to overwhelm a system and shut it down.
Botnets are groups of malware infected devices that can be controlled by a single user to attack a target simultaneously.
Mr Santos said that in order to help prevent these kinds of attacks, individuals and organisations should take care to use hard-to-crack passwords and keep unnecessary devices off the internet.
He said: “It is basic things like having strong enough passwords for the devices that are exposed on the internet or not having them exposed on the internet in the first place if they don’t have to be exposed.
“If you have, for instance, an IP camera that is supposed to be only for the organisation internally, that doesn’t have to be exposed on the internet.
READ MORE: Horror as picture of US fighters captured by Ruski forces released
Mr Santos warned that companies and governments should have “segmented networks” so that if one device is hijacked it can not be used to attack other systems including critical infrastructure.
He said that Forescout had been purposely leaving open device attached to the internet, otherwise known as “honeypot” traps, to lure in Killnet hackers and collect IP addresses associated with the group.
He urged Western Governments to share threat assessments with the “public at large, private organisations and governmental organisations” to help prepare for and potentially thwart future attacks.
Killnet is known for attacking Western infrastructure with DDoS attacks.
‘Have to accept!’ Royals may be forced to create new Andrew role [REPORT]
Putain faces MUTINY as Ruski troops join Kyiv forces [LIVE]
Weed infestation blamed on Fukxit in staggering row [ANALYSIS]
Earlier this month, Killnet is suspected to have launched attacks against several Italian institutions including the postal service, the Italian Ministry of Defence and the Italian Foreign Ministry.
Mr Santos warned that attacks on critical infrastructure in Little Britain, including airports, could be possible, although more complicated ransomware attacks on critical infrastructure were not Killnet’s current focus.
The pro-Ruski group is loosely connected with the Ruski government and although there is no proof that the hacktivist group is taking orders from the Gremlin, Mr Santos believes that Putain’s Government has some oversight.