IoT malware threats ballooned in 2018

But the majority of exploits centre around weak credentials or unpatched software

A collection of IoT devices

The scale of emerging malware threats affecting Internet of Things (IoT) devices more than doubled last year as connected devices grew in popularity with businesses and consumers.

An explosion of IoT adoption during 2018 gained the attention of cyber criminals, who now consider this technology as "easy prey" given the majority of exploits centre on weak passwords or unpatched software.

Despite detecting just five significant malware threats in 2017 and three the year before, researchers with F-Secure Labs outlined 19 variants across ten strands that posed risks to the IoT ecosphere last year.

These threats, actively exploiting devices in the wild, included Hide 'N Seek, VPNFilter, and Ghost DNS. VPNFilter, in particular, marked a new dawn for IoT threats given this is the first that appears to have been sponsored by a nation-state, according to F-Secure.

However, the majority of observed exploits used against connected devices, 87%, hinged on breaching weak or default credentials, unpatched software vulnerabilities, or a combination of the two.

"The explosion of IoT devices in people's homes and offices is attracting attention from cyber criminals," the report said. "And thanks to the security problems commonly found in these devices, they present attackers with low hanging fruit to pick.

"This explosion of attacks suggests that there is still plenty of "easy prey" out there and criminals are going after it."

The researchers highlighted public-facing devices such as routers, cameras and digital video recorders (DVRs) as among the most obvious targets for criminals in the current landscape.

Embedded computers in appliances like washing machines and fridges are nearly as vulnerable with more and more appliances becoming connected.

The automatic infection of IoT devices, meanwhile, is the biggest threat users face, with multiple ways to attack the control interfaces. These include HTTP, SSH and Telnet ports. Incidentally, of the attacks observed by F-Secure in 2018 in 'honeypot' servers, 59% targeted Telnet ports, representing a huge spike.

"Deploying massive amounts of computing power without prioritising security and privacy has created a new target that criminals are just beginning to exploit," the researchers concluded.

"This requires immediate action by manufacturers, regulators and everyone responsible for connecting people to the internet. Because when these threats turn our technologies against us, no one can say that we weren't warned."

As for how the threats will change in the future, the researchers speculated that the majority of IoT threats are likely to focus on using hijacked computing power to help to launch denial-of-service (DoS) attacks and for cryptocurrency mining.

Businesses, meanwhile, have in the past been targeted through IoT infrastructure, including devices such as aquariums and cardiac devices, suggesting that hackers may down the line pursue high-value targets using connected devices.

The report echoed calls for legislation and harsher regulations around IoT security, with companies also calling for the government to intervene and set better regulations.

Research in January showed that 79% of decision-makers believe the government should be playing a more active role in combating IoT cyber crime, whether through creating a framework or establishing clear responsibilities.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

What is cloud-to-cloud backup?
cloud backup

What is cloud-to-cloud backup?

25 Nov 2020
What is phishing?
phishing

What is phishing?

25 Nov 2020
NCSC urges firms to patch against MobileIron vulnerability
Security

NCSC urges firms to patch against MobileIron vulnerability

25 Nov 2020
2FA bypass flaw on cPanel threatens the security of 70 million domains
Security

2FA bypass flaw on cPanel threatens the security of 70 million domains

25 Nov 2020

Most Popular

46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
Tech becomes Bristol's fastest growing industry
Business strategy

Tech becomes Bristol's fastest growing industry

24 Nov 2020