New research from Kaspersky has revealed that cyberattacks on IoT devices are booming with 105m attacks on IoT devices (originating from 276k unique IP addresses) detected during the first half of this year alone.
This figure is seven times higher that the number found in H1 2018 when only around 12m attacks originating from 69,000 IP addresses were detected.
Consumers and businesses have continued to purchase smart, network-connected devices such as routers and DVR security cameras, despite the weak security measures included by manufacturers. Cybercriminals are now capitalizing on the weak security of IoT products and have increased their attempts to create and monetize IoT botnets.
To learn more about IoT attacks and how to prevent them, experts at Kaspersky set up honeypots to attract cybercriminals and the cybersecurity firm recently released its findings in a new report called ‘IoT: a malware story‘.
By analyzing the data collected from its honeypots, Kaspersky found that attacks on IoT devices are less likely to be sophisticated but more likely to be stealth-like as users may not even notice their devices are being exploited.
The Mirai malware family was behind 39 percent of the attacks the firm detected and this malware is capable of using exploits which means that botnets based on it can slip through old, unpatched vulnerabilities to devices and gain control over them.
The second most widespread malware family, Nyadrop employs password brute-forcing to gain control over IoT devices. Nyadrop was seen in 38.57 percent of attacks and the malware is often used to download Mirai onto devices. Finally, the third most common botnet threatening smart devices is called Gafgyt and it was responsible for 2.12 percent of attacks while also employing brute-forcing.
Kaspersky’s researchers were also able to locate the regions that became source of infection most often in H1 2019. China took top place with 30 percent of all IoT attacks occurring in its borders, followed by Brazil at 19 percent and Egypt at 12 percent.
Security researcher at Kaspersky, Dan Demeter provided further insight on the report’s findings, saying:
“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying. Judging by the enlarged number of attacks and criminals’ persistency, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing password and login combinations. This is much easier than most people think: the most common combinations by far are usually “support/support”, followed by “admin/admin”, “default/default”. It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices”