Kaspersky honeypots – networks of virtual copies of various internet connected devices and applications – have detected 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first six months of the year. This figure is around nine times more than the number found in H1 2018, when only around 12 million attacks were spotted originating from 69,000 IP addresses.

 

Capitalizing on weak security of Internet of Things (IoT) products, cybercriminals are intensifying their attempts to create and monetize IoT botnets. This and other findings are a part of the ‘IoT: a malware story’ report on honeypot activity in the first half of 2019 (H1 2019).

 

Cyberattacks on IoT devices are booming, as even though more and more people and organizations are purchasing ‘smart’ (network-connected and interactive) devices, such as routers or DVR security cameras, not everybody considers them worth protecting.

 

Cybercriminals, however, are seeing more and more financial opportunities in exploiting such gadgets. They use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions. To learn more about how such attacks work and how to prevent them, Kaspersky experts set up honeypots decoy devices used to attract the attention of cybercriminals and analyze their activities.

 

Based on data analysis collected from honeypots, attacks on IoT devices are usually not sophisticated, but stealth-like, as users might not even notice their devices are being exploited. The malware family behind 39% of attacks – Mirai – is capable of using exploits, meaning that these botnets can slip through old, unpatched vulnerabilities to the device and control it.

 

Another technique is password brute-forcing, which is the chosen method of the second most widespread malware family in the list – Nyadrop.

 

Nyadrop was seen in 38.57% of attacks and often serves as a Mirai downloader. This family has been trending as one of the most active threats for a couple of years now. The third most common botnet threatening smart devices – Gafgyt with 2.12% – also uses brute-forcing.

 

The researchers were also able to identify the locations where most infections were discovered to have originated during the first six months of 2019. Topping the list of sources of infections is China, with 30% of all attacks taking place from this country, second is Brazil with 19%, followed by Egypt with 12%. In the same period last year, the situation was different with 28% detected from Brazil, 14% from China and 11% from Japan.

 

“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying. Judging by the increased number of attacks and criminals’ persistence, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing passwords and login combinations. This is much easier than most people think: the most common combinations by far are usually “support/support”, followed by “admin/admin”, “default/default”. It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices,” said Dan Demeter, security researcher at Kaspersky.

 

To keep your devices safe, Kaspersky recommends users to:

  • Install updates for the firmware you use as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
  • Always change preinstalled passwords. Use complicated passwords that include both capital and lowercase letters, numbers and symbols if it’s possible.
  • Reboot a device as soon as you think it’s acting strangely. It might help get rid of existing malware, but this doesn’t reduce the risk of getting another infection.
  • Keep access to IoT devices restricted by a local VPN, allowing you to access them from your “home” network, instead of publicly exposing them on the internet.

 

Kaspersky recommends companies to take the following measures:

  • Use threat data feeds to block network connections originating from malicious network addresses detected by security researchers.
  • Make sure all devices software is up to date. Unpatched devices should be kept in a separate network inaccessible by unauthorized users.

 

Read the full text of the report on Securelist.com


RECOMMENDED ARTICLE FOR TECHWORLD


 
Kaspersky Lab Moving Core Infrastructure from Russia to Switzerland; Opening First Transparency Center
Techworld Date Posted: 16 May 2018 3:56 PM | 168 Views
As part of its Global Transparency Initiative, Kaspersky Lab is adapting its infrastructure to move a number of core processes from Russia to Switzerland.. See More
 
Kaspersky Lab Moving Core Infrastructure from Russia to Switzerland; Opening First Transparency Center
Techworld Date Posted: 3:56 PM | 168 Views
As part of its Global Transparency Initiative, Kaspersky Lab is adapting its infrastructure to move a number of core processes from Russia to Switzerland.See More

 
Curious but Careless: APAC Online Users Give Up Social Media Details for Fun Quiz Results and Freebies, says Kaspersky Study
Techworld Date Posted: 23 September 2019 9:58 AM | 328 Views
Curious but Careless: APAC Online Users Give Up Social Media Details for Fun Quiz Results and Freebies, says Kaspersky Study. See More
 
Curious but Careless: APAC Online Users Give Up Social Media Details for Fun Quiz Results and Freebies, says Kaspersky Study
Techworld Date Posted: 9:58 AM | 328 Views
Curious but Careless: APAC Online Users Give Up Social Media Details for Fun Quiz Results and Freebies, says Kaspersky StudySee More

 
Symantec Simplifies Cloud Migration with Management Center 2.0
Techworld Date Posted: 29 August 2018 3:46 PM | 453 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, has announced significant enhancements to Symantec Management Center. The centralized solution manages the network portfolio inside of the Symantec Integrated Cyber Defense Platform, allowing.... See More
 
Symantec Simplifies Cloud Migration with Management Center 2.0
Techworld Date Posted: 3:46 PM | 453 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, has announced significant enhancements to Symantec Management Center. The centralized solution manages the network portfolio inside of the Symantec Integrated Cyber Defense Platform, allowing...See More

 
BIOSTAR Launches Compact High-Speed Storage Solution with M200 M.2 SSD
Techworld Date Posted: 20 March 2017 11:40 AM | 172 Views
BIOSTAR is thrilled to announce its latest addition to its great lineup of storage products. See More
 
BIOSTAR Launches Compact High-Speed Storage Solution with M200 M.2 SSD
Techworld Date Posted: 11:40 AM | 172 Views
BIOSTAR is thrilled to announce its latest addition to its great lineup of storage productsSee More

 
Hello, Ber Months! Realme Ushers in the Christmas Season with a Price Drop
Techworld Date Posted: 29 August 2019 6:50 PM | 391 Views
Hello, Ber Months! Realme Ushers in the Christmas Season with a Price Drop. See More
 
Hello, Ber Months! Realme Ushers in the Christmas Season with a Price Drop
Techworld Date Posted: 6:50 PM | 391 Views
Hello, Ber Months! Realme Ushers in the Christmas Season with a Price DropSee More

 
Secret No More: Hackers For Hire Dangle Attacks Against Medical Organizations on the Dark Web
Techworld Date Posted: 18 September 2019 4:19 PM | 402 Views
Secret No More: Hackers For Hire Dangle Attacks Against Medical Organizations on the Dark Web. See More
 
Secret No More: Hackers For Hire Dangle Attacks Against Medical Organizations on the Dark Web
Techworld Date Posted: 4:19 PM | 402 Views
Secret No More: Hackers For Hire Dangle Attacks Against Medical Organizations on the Dark WebSee More

 
The 24th Graphic Expo 2019: Connect. Collaborate. Cultivate!
Techworld Date Posted: 26 April 2019 5:28 PM | 436 Views
Experience the biggest gathering of printing, signs, and creative imaging distributors, re-seller, suppliers and service providers in the 24th Graphic Expo 2019 on June 06-08, 2019 at the SMX Convention Center, Mall of Asia,.... See More
 
The 24th Graphic Expo 2019: Connect. Collaborate. Cultivate!
Techworld Date Posted: 5:28 PM | 436 Views
Experience the biggest gathering of printing, signs, and creative imaging distributors, re-seller, suppliers and service providers in the 24th Graphic Expo 2019 on June 06-08, 2019 at the SMX Convention Center, Mall of Asia,...See More

 
ASUS Republic of Gamers Announces Strix XG27VQ
Techworld Date Posted: 23 August 2017 1:10 PM | 29 Views
ROG Strix XG27VQ is a Full HD display with an ultrafast 144Hz refresh rate and features ASUS-exclusive Extreme Low Motion Blur and Adaptive-Sync (FreeSyncTM) technologies for gameplay without tearing and stuttering. Its gaming-inspired design.... See More
 
ASUS Republic of Gamers Announces Strix XG27VQ
Techworld Date Posted: 1:10 PM | 29 Views
ROG Strix XG27VQ is a Full HD display with an ultrafast 144Hz refresh rate and features ASUS-exclusive Extreme Low Motion Blur and Adaptive-Sync (FreeSyncTM) technologies for gameplay without tearing and stuttering. Its gaming-inspired design...See More

 
GoDigital Releases OKTO as an Enabler for SMEs to Digitize Quickly at Scale
Techworld Date Posted: 1 March 2019 5:18 PM | 278 Views
More Filipinos are shifting to cashless payments year by year. Studies such as the Visa Consumer Payment Attitude Study 2018 highlight the growing preference of Filipino consumers for new payment methods. See More
 
GoDigital Releases OKTO as an Enabler for SMEs to Digitize Quickly at Scale
Techworld Date Posted: 5:18 PM | 278 Views
More Filipinos are shifting to cashless payments year by year. Studies such as the Visa Consumer Payment Attitude Study 2018 highlight the growing preference of Filipino consumers for new payment methodsSee More

 
Clean Machines: Startup’s Bots Sweep Up Corporate Campuses
Techworld Date Posted: 4 March 2019 3:49 PM | 190 Views
Gregg Ratanaphanyarat and Dawei Ding joined the ranks of college dropouts in 2016, leaving Penn State to launch a robotics startup for outdoor cleaning.. See More
 
Clean Machines: Startup’s Bots Sweep Up Corporate Campuses
Techworld Date Posted: 3:49 PM | 190 Views
Gregg Ratanaphanyarat and Dawei Ding joined the ranks of college dropouts in 2016, leaving Penn State to launch a robotics startup for outdoor cleaning.See More


Power by

Download Free AZ | Free Wordpress Themes