105 million attacks on smart devices detected by Kaspersky Labs
Kaspersky’s honeypots have detected 105,000,000 attacks on consumer IoT devices from 276,000 unique IP addresses in the first six months of the year. This number marked increase in comparison to the first half of 2018, when about 12,000,000 attacks originating from 69,000 IP addresses detected. IoT security is an ongoing issue and attacks are increasing at a rapid rate.
Digital attacks targeting IoT devices are increasing. Most users who are buying smart devices, such as routers or DVR security cameras, donβt considers them worthy of protection. Therefor, digital criminals see economic opportunities to exploit such gadgets. The criminals use networks of infected smart devices to conduct DDoS attacks. To learn about and to prevent these attacks, Kaspersky experts set up honeypots as bait. They will draw the attention of digital criminals and analyze their activities.
According to the data of the honeypots, attacks against IoT devices are not sophisticated. Users may not notice the possible exploitation of their devices. The malware family behind 39% of the attacks can use exploits. That means these botnets can sneak through vulnerabilities in the device and test them. A different method is password brute-forcing. Nyadrop, the second most prevalent malware family, chose this method.
“We see how attacks are intensifying with the increased use of smart devices. Judging by the expanded number of attacks and the persistence of criminals, we can say that IoT is a fertile ground for attackers using even the most rudimentary methods, such as guessing passwords and combinations of login details. This is much easier than most people think: the most common combination is usually “support/support”, followed by “admin/admin” and “default/default”. It’s easy enough to change the default password, so we urge everyone to take this simple step to secure their ‘smart’ devices,” said Dan Demeter, security researcher at Kaspersky.
Recommendations
To keep your devices safe, Kaspersky recommends:
-
Install updates for the firmware you are using. When it detects a vulnerability, it can fix it through code updates within the updates.
-
Use complex passwords that include upper and lower case letters, numbers, and symbols if possible.
-
Reboot a device as soon as you think it is behaving strangely.
-
Keep access to IoT devices restricted via a local VPN, which will allow you to access them from your home network instead of risking public exposure on the internet.
If you liked this post, then you may also enjoy this one.
Author: PC-GR
The World of Technology
