More than 100 percent more IoT devices were attacked in the first six months of 2021, according to researchers.
After analyzing its honeypot telemetry, Kaspersky discovered more than 1.5 billion IoT attacks, up from 639 million in the previous half year.
According to security researcher Dan Demeter of Kaspersky, “Cybercriminals are focusing their attention on IoT devices because they’ve become an integral part of our regular life.” After smart devices became more popular, we saw an increase in attacks.
Also, it’s not just a personal issue. Red Canary’s Grant Oviatt said that because millions of people still work from home, fraudsters are also attacking business resources via home networks and smart gadgets. Some firms haven’t yet adapted to the new perimeter or lack thereof, they know.
According to a recent Infosec Insider column for Threatpost, “the lack of [incident] preparedness has become increasingly evident over the past year, especially with personal devices logging on to corporate networks, resulting in reduced endpoint visibility, expanded attack surface, and an increase in attack vectors.”
On top of classic DDoS attacks in which the devices are connected to a botnet, Kaspersky observed that attacks on IoT gear are evolving.
Because it has self-replicating capabilities and a modular framework that allows it infect more computers to become part of the botnet, the Lemon Duck botnet mines Monero using victims’ computer resources. More than most malware, it uses at least 12 different attack routes, including weak or default passwords on Internet-of-things (IoT) devices to spread. For example, you can try brute-forcing telnet credentials from a company.
While telnet was utilised most frequently in Kaspersky’s telemetry, SSH and basic web connections were also attempted.
IoT targets can be compromised through weak passwords, but there are also increasing numbers of vulnerabilities that make IoT gear more enticing to hackers. There are more exploits than ever before being weaponized by cybercriminals, according to the company.
The BrakTooth flaws, for example, were discovered just last week and affect Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from more than a dozen different suppliers Researchers from the University of Singapore discovered that one of the defects allowed code execution on smart devices, making them vulnerable to botnets and data thieves armed with spyware.
According to the researchers, “This has major ramifications if such an assault is used to Bluetooth-enabled smart home equipment.”
Researchers from Claroty found a flaw in Belledonne Communications’ Linphone SIP Protocol Stack last week. As the first open-source SIP application on Linux, Linphone is a 20-year-old open-source voice-over-IP (VoIP) project.
Today, enterprise IoT devices are widely connected to voice and video devices, such as phones, surveillance cameras and connected doorbells, according to the study. It is possible for an attacker to obtain access to a business network, and maybe the entire IoT/OT network, when certain SIP protocols are exploited. There is a remote vulnerability that can be exploited with no action from the victim. “
Keep IoT Devices Safe.
The following best practises are recommended by Kaspersky to keep your devices safe:
- Install firmware updates as quickly as possible. Patches within updates can be used to fix a vulnerability once it has been discovered and patched.
- Replace preset passwords if possible. If feasible, use complex passwords that include capital and lowercase characters, numbers, and symbols.
- As soon as a device starts performing weirdly, restart it. Although this may assist remove existing malware, it does not lessen the chance of getting infected with new malware.
- Choose from a variety of IoT security solutions.