Half of top 12 major cyber security exploits target IoT devices


A report by Fortinet has revealed that the Internet of Things (IoT) is a big risk to business security, with half of the top 12 security exploits reported in the fourth quarter of 2018 relating to such devices. Four of these involved IP-enabled cameras, with criminals able to hack into them and view footage in many cases.

Overall, the number of exploits were up 10% compared to the previous quarter, showing malicious actors certainly didn't take a break over the festive season.

"'The age of Cy-Phy'the convergence of cybersecurity things and physical spacesis here. Although the appeal of this convergence to our digital economy is almost sci-fi in terms of imagination, unfortunately the cybersecurity risks are very real," said Phil Quade, chief information security officer at Fortinet.

"Cyber criminals are closely watching and developing exploits that target this emerging digital convergence. Fundamental elements of cybersecurity, including visibility, automation, and agile segmentation, are more critical than ever to enable us to thrive in our Cy-Phy digital future, and to protect us against the malicious activities of our cyber adversaries."

Botnets became more advanced over the three months ending 2018, as well as becoming more prevalent; it took an average of 12 days for businesses to become infected by one, with criminals turning to automation and machine learning to administer them.

Another threat to businesses were open-source malware tools, most commonly used by businesses and researchers to test their defences. However, hackers are also downloading and using them to break into networks with less favourable intentions. Tools such as the Mirai IoT botnet, originally developed with security testing in mind, has rapidly been adapted to cause damage.

Other growing threats highlighted in Fortinet's report include steganography, which involves injecting harmless-looking files with more damaging software and adware, the latter of which has become the top threat in most regions worldwide.

Clare Hopping
Freelance writer

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.

Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.

As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.