Research from the cybersecurity gurus at Kaspersky has found that attacks targeting IoT devices have doubled over the past year.
The rapid proliferation of IoT devices, combined with often poor security, makes them an increasingly attractive target for hackers. Analysts at McKinsey estimate that 127 new devices are connected every second.
Dan Demeter, Security Expert at Kaspersky, said:
“Since IoT devices, from smartwatches to smart home accessories, have become an essential part of our everyday lives, cybercriminals have skillfully switched their attention to this area.
We see that once users’ interest in smart devices rose, attacks also intensified. Some people believe they aren’t important enough to be hacked but we’ve observed how attacks against smart devices intensified during the past year.
Most of these attacks are preventable, that’s why we advise smart home users to install a reliable security solution, which will help them stay safe.”
During the first six months of 2021, Kaspersky’s honeypots – which imitate vulnerable IoT devices – have been attacked over 1.5 billion times. To put that in perspective, it’s over twice as much as the previous six months when 639,155,942 infection attempts were logged.
Most of the attempts used telnet, while the rest used SSH and web:
| H2 2020 | H1 2021 | |
| telnet | 460,703,861 | 872,345,837 |
| ssh | 142,245,141 | 514,749,073 |
| web | 36,206,940 | 128,619,349 |
Kaspersky makes four recommendations to protect IoT devices:
- Install updates for the firmware you use as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
- Always change preinstalled passwords. Use complicated passwords that include both capital and lower-case letters, numbers, and symbols if possible.
- Reboot a device as soon as you think it’s acting strangely. It might help eliminate existing malware, but this doesn’t reduce the risk of getting another infection.
- Review and choose security solutions that help to protect IoT ecosystems. Naturally, Kaspersky recommends its own Smart Home Security solution.
While many device manufacturers need to up their game and implement even basic security measures – such as making the changing of default passwords mandatory – it’s up to end-users to do what they can to protect their home and business networks.
(Photo by Possessed Photography on Unsplash)
Want to learn more about cybersecurity from leaders in the space? Check out Cyber Security & Cloud Expo Global, which runs from 6-7 September 2021.
