IoT malware tripled in the first half of 2018

Cryptocurrency mining, DDoS attacks and botnet activities are becoming more prevalent

A collection of IoT devices

Kaspersky's latest IoT Lab Report has revealed that Internet of Things malware has tripled in the first half of 2018 and attacks are becoming more sophisticated as hackers realise the financial opportunities of breaking into networked devices.

One of the biggest problems the industry is facing is that attacks, such as malicious cryptocurrency mining, DDoS attacks and botnet activities are becoming more prevalent and harder for manufacturers to combat.

Using brute force to guess passwords at a shocking rate is the most commonly used methods of attack by criminals, accounting for 93% of hacking methods they use, while routers were the most used type of equipment to bombard what the company describes as "honeypots" - the IoT test devices used as a gateway for an attack.

"For those people who think that IoT devices don't seem powerful enough to attract the attention of cybercriminals, and that won't become targets for malicious activities, this research should serve as a wake-up call," David Emm, principal security researcher at Kaspersky Lab said.

"Some smart gadget manufacturers are still not paying enough attention to the security of their products, and it's vital that this changes and that security is implemented at the design stage, rather than considered as an afterthought. At this point, even if vendors improve the security of devices currently on the market, it will be a while before old, vulnerable devices have been phased out of our homes."

Kaspersky explained the main reason criminals are using the IoT as a way of breaking into devices is to harness them as a gateway to implement a DDoS attack using botnets. However, other motivations for attacking IoT devices include aiming to turn off competing malware, fix vulnerabilities in installed malware and shut down vulnerable services on the device so other malware can't use security holes.

Emm added that one of the biggest concerns of security researchers and manufacturers should be the rate at which attacks are customised and new attacks are developed.

"While previously exploited breaches have not been fixed, criminals are constantly discovering new ones," he said. "IoT products have therefore become an easy target for cybercriminals, who can turn simple machines into powerful devices for illegal activity, such as spying, stealing, blackmailing and conducting Distributed Denial of Service (DDoS) attacks."

Featured Resources

How virtual desktop infrastructure enables digital transformation

Challenges and benefits of VDI

Free download

The Okta digital trust index

Exploring the human edge of trust

Free download

Optimising workload placement in your hybrid cloud

Deliver increased IT agility with the cloud

Free Download

Modernise endpoint protection and leave your legacy challenges behind

The risk of keeping your legacy endpoint security tools

Download now

Recommended

Hackers could use new Wslink malware in highly targeted cyber attacks
malware

Hackers could use new Wslink malware in highly targeted cyber attacks

1 Nov 2021
FBI raids Chinese POS business following cyber attack claims
malware

FBI raids Chinese POS business following cyber attack claims

27 Oct 2021
Malware developers create malformed code signatures to avoid detection
malware

Malware developers create malformed code signatures to avoid detection

24 Sep 2021
New malware uses search engine ads to target pirate gamers
malware

New malware uses search engine ads to target pirate gamers

21 Jul 2021

Most Popular

How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

4 Jan 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

6 Jan 2022
Microsoft Exchange servers break thanks to 'Y2K22' bug
email delivery

Microsoft Exchange servers break thanks to 'Y2K22' bug

4 Jan 2022