IoT device attacks double in the first half of 2021, and remote work may shoulder some of the blame

3 years ago 258

The astute location could beryllium ripe for IoT instrumentality attacks arsenic cybercriminals rake successful grounds ransomware payments. Remote enactment whitethorn beryllium liable for the summation successful attacks, Kaspersky says.

iot.jpg

Image: GettyImages/Andrey Suslov

The modern location is chock afloat of myriad Internet of Things devices ranging from doorbell video cameras to astute favored feeders. While these products whitethorn connection a fig of conveniences, astute devices besides supply caller introduction points and imaginable information vulnerabilities for online criminals arsenic cyberattacks surge. According to Kaspersky information shared with TechRepublic, attacks connected IoT devices person doubled successful the past year.

"Since IoT devices, from smartwatches to astute location accessories, person go an indispensable portion of our mundane lives, cybercriminals person skillfully switched their attraction to this area. We spot that erstwhile users' involvement successful astute devices rose, attacks besides intensified," said Dan Demeter, a information adept astatine Kaspersky via email.


SEE: 
Security incidental effect policy (TechRepublic Premium)

Smart homes, honeypots and distant enactment

In an effort to way and perchance forestall cyber attacks against connected astute devices, Kaspersky researchers acceptable up honeypots, which the institution described arsenic "traps" of sorts for online attackers "targeting specified devices." In the archetypal fractional of 2021, these honeypots detected implicit 1.5 cardinal cyberattacks focused connected IoT devices, according to Kaspersky; much than treble the full recorded successful the archetypal fractional of 2020.

So, what's down the surge successful IoT instrumentality attacks? The abbreviated answer: The power to distant enactment whitethorn person presented caller entryways for opportunistic cybercriminals.

Over the past year, galore distant teams person relied connected VPN connections successful their day-to-day. Amid the power to distant work, Demeter said these gateways "became highly absorbing for attackers" for a fig of reasons. For one, helium said attackers tin DDoS these connections disrupting institution workflows and summation entree to organizational networks via "misconfigured oregon insecure VPN gateways."

"As such, the hunt of susceptible devices (either IoT oregon straight connected to the internet) intensified during 2020, and we've seen immoderate examples wherever attackers were capable to stitchery much than fractional of cardinal idiosyncratic accounts from susceptible devices," helium continued.

During Kaspersky's observations, Demeter said, an internet-connected honeypot would beryllium probed for "exposed services" wrong astir 5 minutes arsenic a effect of large-scale net scanning, however, helium added that this clip is little successful immoderate instances owed to aggregate ample networks scanners probing devices. 

"Of course, this is conscionable the mean value," Demeter said. "We've had cases erstwhile we installed a caller honeypot and it got probed successful the adjacent 10 seconds."

SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)

For the astir part, Demeter said "attackers are financially motivated and DDoS services are ever profitable," adding that this is the effect of aggregate factors, specified arsenic the "relatively cheap" outgo of infecting IoT devices and, well, different hobbies of sorts.

"Sending spam e-mails is simply a favourite past-time activity," helium said. "From high-traffic networks, our honeypots cod and redirect astir 200-400k spam emails per day. Having this capableness of sending ample amounts of spam emails, attackers often merchantability their services to different funny parties, which successful crook mightiness effort to nonstop phishing oregon targeted attacks."

As agelong arsenic determination are internet-connected devices that are unconfigured and vulnerable, Demeter said, "attackers volition effort to exploit them successful bid to nett disconnected them to summation money."

Cybersecurity Insider Newsletter

Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays

Sign up today

Also spot

Read Entire Article