The malware was revealed as part of the research of a global cyber security campaign, dubbed RADIATION by the CyberX research team. The uniqueness of this campaign can be attributed to the targeting of IoT devices and the enhancement of an existing family of malware for that purpose. The malware infected organizations in multiple industries, with the highest number of victims residing in Taiwan, US and Israel. The RADIATION campaign is categorized as an IoT Distributed Denial of Service (DDoS) campaign. The discovery of RADIATION comes only days following a demonstration of another advanced IoT attack, which was referred to as the "first ransomware for IoT thermostats" in DEF CON 2016.
"This event is a cornerstone in the evolution of IoT security. These advanced threats are shaping before our very eyes, and should not be taken lightly," said Omer Schneider, CEO & Co-Founder of CyberX. "RADIATION demonstrates the continuously evolving skillset of attackers. It is only the beginning of what we believe to be the dawn of IoT cyber campaigns," said Nir Giller, CTO & Co-founder of CyberX. "Ranging from manipulation of infusion pumps to ransomware for IoT thermostats, IoT environments are becoming high value targets."
The CyberX research team started investigating RADIATION following a notification which was generated by XSense, the CyberX flagship solution for Industrial IoT environments. The team also discovered that RADIATION was already utilized to inflict DDoS attacks. One of its victims include SKAT, the Danish Customs and Tax Administration. The complete RADIATION report can be found on the CyberX website .