IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

IoT devices are more vulnerable than ever

Ove a billion attacks recorded on IoT devices in the first six months of the year

Over 1.5 billion attacks against Internet of Things (IoT) devices were detected by security researchers in the first half of the year, according to new research from Kaspersky.

Based on an analysis of telemetry data from the company’s honeypots, cyber attacks against IoT devices have increased by over 100%. In the first half of 2021, the number of total infection attempts reached 1,515,714,259. During the final six months of 2020, there were only 639,155,942.

Most of the attacks used the telnet protocol to access IoT devices. Researchers recorded over 872 million — 58% of the total — using this protocol. The rest used SSH (34%) and web (8%) channels. Hackers can use these compromised devices in a botnet to mine for cryptocurrency, launch DDoS attacks, or steal confidential data.

Kaspersky Security Expert Dan Demeter says since IoT devices, from smartwatches to smart home accessories, have become essential parts of our everyday lives, cyber criminals have skillfully switched their attention to this area.

“We see that once users’ interest in smart devices rose, attacks also intensified,” he said. “Some people believe they aren’t important enough to be hacked but we’ve observed how attacks against smart devices intensified during the past year. Most of these attacks are preventable, that’s why we advise smart home users to install a reliable security solution, which will help them stay safe.” 

Kaspersky recommended updating device firmware and changing any default passwords to something stronger or different. Any devices behaving oddly should also be rebooted to eliminate malware.

Sachin Shah, CTO of Operational Technology and ICS at Armis, told IT Pro that IoT exploitation is on the rise.

Related Resource

The state of ransomware in retail 2021

Insights into the current state of ransomware in the retail sector

Whitepaper front coverFree download

“Protecting such a colossal attack surface is no easy task, especially when there are so many varying types and security standards on the devices,” he said. “The prevailing concern from a security operations perspective regarding those billions of IoT devices, is that anything connected can be hacked. Each IoT device represents an attack surface that presents attackers with an avenue into your data.”

“And unlike laptops and smartphones, most IoT small factor devices hold less processing and storage capabilities. This makes it difficult to employ anti-virus, firewalls, and other security applications that could help protect them. At the same time, edge computing intelligently aggregates local data, making it a concentrated target for sophisticated threat actors. Ransomware can also target applications and data in addition to IoT device hardware,” he added.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Twilio account breach result of sophisticated social engineering campaign
Security

Twilio account breach result of sophisticated social engineering campaign

9 Aug 2022
Over 200,000 DrayTek routers vulnerable to total device takeover
Security

Over 200,000 DrayTek routers vulnerable to total device takeover

3 Aug 2022
Data on 69 million Neopets users stolen and listed for sale on hacker forum
Security

Data on 69 million Neopets users stolen and listed for sale on hacker forum

21 Jul 2022
What is zero trust?
network security

What is zero trust?

14 Jul 2022

Most Popular

Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022