https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/IoTWorldToday-mobile-logo.png
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • IoT World Expo Austin
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • Roundups
  • Strategy
  • Special Reports
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Podcasts
    • Strategic Partners
    • Latest videos
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Editorial Submissions
  • Events
    • Back
    • IoT World Expo Austin
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Metaverse
  • Development
  • Security
ioti.com

Security


Getty Images

Abstract illustration of hacker entering curtain of computer code

IoT Malware Soars, with Both Consumer and Enterprise Devices at Risk

Kaspersky Lab’s IoT honeypot research shows a doubling of malware attacks since last year; attacks are coming from both home devices and computers with enterprise connectivity.
  • Written by Courtney Bjorlin
  • 20th June 2017

The number of new malware samples targeting IoT devices has nearly doubled since last year, according to new research from Kaspersky Lab published on SecureList, the online headquarters of the firm’s security experts.

Most of the IoT malware attacks (more than 63 percent) originated from digital video recorder (DVR) services or IP cameras, while about 20 percent were different types of network devices and routers from all major manufacturers, according to the research. About 20 percent of the devices could not be identified unequivocally.

What’s more, honeypots not only recorded attacks coming from network hardware classed as home devices, but saw IoT malware attacks arriving from IP addresses that hosted monitoring and/or device management systems with enterprise and security links. This included point-of-sale devices at stores, restaurants and filling stations; digital TV broadcasting systems; physical security and access control systems; environmental monitoring devices; a monitoring system at a seismic station in Bangkok; industry-grade programmable microcontrollers; and power management systems, indicating that one or more devices were infected on the networks where they reside.

“IoT devices are now a ‘honey’ for cybercriminals,” Denis Makrushin, security researcher for Kaspersky Lab, said via email. “Connected devices are a potential entry point for attackers, which cannot be easily mitigated by traditional security solutions.”

It’s further evidence of the challenges inherent in securing connected devices. Slow and inconsistent firmware updates, preconfigured passwords that can be the same for a manufacturer’s entire product range, and the fact that devices often have telnet and/or SSH ports available to the outside world expose smart devices and the networks to which they’re connected to a host of vulnerabilities, according to researchers.

“The phenomena of integrating IoT with business processes creates another vector to affect these processes and, as a result, affects the whole business,” Makrushin said. “Cybercriminals see a new opportunity and create new threats based on exploitation of vulnerabilities in IoT devices.”

Ensuring that consumers recognize the risk of connected devices and IoT malware is a problem that even has the U.S. federal government’s attention. On Monday, the Federal Trade Commission added its input to draft guidance on how IoT device manufacturers can better inform consumers about security updates for IoT devices, according to an FTC press release.

Last year, Kaspersky Lab’s collection included 3,219 types of malware. This year, the honeypots, which imitated various devices running Linux and connected to the Internet, yielded 7,242 types of malware. In most cases, the attempted connections used the telnet protocol; the rest used SSH, according to the research. Most of the IP addresses from which attempted connections arrived at the honeypots respond to HTTP requests and typically, there were several devices using each IP address.

The researchers were “surprised by the speed of attackers’ reactions to the emergence of new resources on the Internet,” Makrushin said. For example, some seconds after the team published a new IoT resource, they would see the first attempted connections to the open telnet port.

Researchers also found that there are certain days of the week when there are surges in malicious activity (such as scanning, password attacks, and attempted connections).

“It appears Monday is a difficult day for cybercriminals too,” the researchers wrote. “We couldn’t find any other explanation for this peculiar behavior.”

Tags: Article Security Strategy Technologies News

Related Content


  • Caltech campus
    Robots Could Gain Sense of Touch, With New Artificial Skin
    New design can help businesses determine the presence of hazardous materials, offer greater safety for workers
  • Clearview AI Fined $9.4M Over Facial Data Scraping
    The company was ordered to delete any data it held on U.K. citizens.
  • Microsoft Ramping up Cybersecurity Service Offerings
    Three new managed services will boost the company’s presence in the security space
  • IoT Product Roundup
    IoT Product Roundup: PTC, Nokia, Arm and More
    All the latest Internet of Things products

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest News

  • Northrop Grumman Harnesses IoT for New Missile Integration Facility 
  • Microsoft Extends Secured-Core Program to IoT Devices
  • Spot the Robot Dog Helps Police Ahead of Boston’s Fourth of July Celebration
  • Unmanned Robotic Combat Vehicle Being Tested

Roundups

View all

IoT Deals & Partnerships Roundup: Nokia, Accenture and More

29th July 2022

IoT Deals & Partnerships Roundup: Nokia, SoftBank, Microsoft and More

15th July 2022

IoT Product Roundup: Nokia, Energous, Dashbot and More

6th July 2022

White Papers

View all

The Role of Manufacturing Technology in Continuous Improvement Ebook

6th April 2022

IIoT Platform Trends for Manufacturing in 2022

6th April 2022

Events

View all

IoT World Expo Austin

2nd November 2022 - 3rd November 2022

Latest Videos

View all
Image shows a road within the Curiosity Lab at Peachtree Corners

Brandon Branham, Peachtree Corners, on Smart Cities

Peachtree Corners CTO and assistant city manager chats with IoT World Today’s Chuck Martin about what’s happening at Curiosity Labs

Image shows a Beep electric autonomous shuttle

Joe Moye, Beep, on Self-Driving Shuttles

Beep’s CEO chatted with IoT World Today’s Chuck Martin about the deployment of the company’s electric autonomous shuttles

E-books

View all

How Remote Access Helps Enterprises Improve IT Service and Employee Satisfaction

12th January 2022

An Integrated Approach to IoT Security

6th November 2020

Webinars

View all

Is MQTT becoming the de facto standard of Industry 4.0? The impact of IoT on industrial automation protocols

18th August 2022

Building trust for a connected world

25th August 2022

Is MQTT becoming the de facto standard of Industry 4.0? The impact of IoT on industrial automation protocols

18th August 2022

Special Reports

View all

Omdia’s Smart Home Market Dynamics Report

7th January 2022

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

IoT Security Best Practices for Industry and Enterprise

20th October 2020

Twitter

IoTWorldToday, IoTWorldSeries

The Future of 5G Featured at IoT World 2022 dlvr.it/SW6Szm https://t.co/eXWr6mfQya

5th August 2022
IoTWorldToday, IoTWorldSeries

Mars Drones Complete Testing on Active Volcano dlvr.it/SW6M4d https://t.co/mB8Suz1hzU

5th August 2022
IoTWorldToday, IoTWorldSeries

Honeywell Partnership Provides Flying Car Control Technologies dlvr.it/SW3t5n https://t.co/iFftFZaHxD

4th August 2022
IoTWorldToday, IoTWorldSeries

Driverless Autonomous Vehicles Arrive in China dlvr.it/SW3nzN https://t.co/nAVugrMzqG

4th August 2022
IoTWorldToday, IoTWorldSeries

Hyundai Reveals Futuristic Smart City With Automated Transport dlvr.it/SW3jgr https://t.co/fPaR8B0ikN

4th August 2022
IoTWorldToday, IoTWorldSeries

More Intelligently Converting DC Voltages dlvr.it/SW2tKz https://t.co/SMFWhTPpCW

4th August 2022
IoTWorldToday, IoTWorldSeries

Illinois Researchers Use AI to Teach Robots Teamwork dlvr.it/SW1DsC https://t.co/M3wqXN9JaR

3rd August 2022
IoTWorldToday, IoTWorldSeries

BMW Reveals $308M Test Track for Autonomous Cars dlvr.it/SW0D8q https://t.co/3zXFVnl4rd

3rd August 2022

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X