IoT malware tripled in the first half of 2018

Cryptocurrency mining, DDoS attacks and botnet activities are becoming more prevalent

A collection of IoT devices

Kaspersky's latest IoT Lab Report has revealed that Internet of Things malware has tripled in the first half of 2018 and attacks are becoming more sophisticated as hackers realise the financial opportunities of breaking into networked devices.

One of the biggest problems the industry is facing is that attacks, such as malicious cryptocurrency mining, DDoS attacks and botnet activities are becoming more prevalent and harder for manufacturers to combat.

Using brute force to guess passwords at a shocking rate is the most commonly used methods of attack by criminals, accounting for 93% of hacking methods they use, while routers were the most used type of equipment to bombard what the company describes as "honeypots" - the IoT test devices used as a gateway for an attack.

"For those people who think that IoT devices don't seem powerful enough to attract the attention of cybercriminals, and that won't become targets for malicious activities, this research should serve as a wake-up call," David Emm, principal security researcher at Kaspersky Lab said.

"Some smart gadget manufacturers are still not paying enough attention to the security of their products, and it's vital that this changes and that security is implemented at the design stage, rather than considered as an afterthought. At this point, even if vendors improve the security of devices currently on the market, it will be a while before old, vulnerable devices have been phased out of our homes."

Kaspersky explained the main reason criminals are using the IoT as a way of breaking into devices is to harness them as a gateway to implement a DDoS attack using botnets. However, other motivations for attacking IoT devices include aiming to turn off competing malware, fix vulnerabilities in installed malware and shut down vulnerable services on the device so other malware can't use security holes.

Emm added that one of the biggest concerns of security researchers and manufacturers should be the rate at which attacks are customised and new attacks are developed.

"While previously exploited breaches have not been fixed, criminals are constantly discovering new ones," he said. "IoT products have therefore become an easy target for cybercriminals, who can turn simple machines into powerful devices for illegal activity, such as spying, stealing, blackmailing and conducting Distributed Denial of Service (DDoS) attacks."

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Android malware vendor teams with marketer to promote new malware
malware

Android malware vendor teams with marketer to promote new malware

11 Jan 2021
Python-based malware steals Outlook files and browser credentials
malware

Python-based malware steals Outlook files and browser credentials

15 Dec 2020
Subway UK customers targeted by Trickbot hackers
hacking

Subway UK customers targeted by Trickbot hackers

14 Dec 2020
Power banks could infect your smartphone with malware
malware

Power banks could infect your smartphone with malware

9 Dec 2020

Most Popular

Citrix buys Slack competitor Wrike in record $2.25bn deal
collaboration

Citrix buys Slack competitor Wrike in record $2.25bn deal

19 Jan 2021
IT retailer faces €10.4m GDPR fine for employee surveillance
General Data Protection Regulation (GDPR)

IT retailer faces €10.4m GDPR fine for employee surveillance

18 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021