More than 100 million IoT attacks detected during H1 of 2019
Kaspersky honeypots detected 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first half of 2019.
The number of attacks is almost nine times greater than the number of attacks found in the first half of 2018, with around 12 million attacks originating from 69,000 IP addresses being identified.
Cyberattacks on IoT devices are increasing significantly, as more and more organisations and people are buying “smart” devices such as routers or DVR security cameras, without recognising the security risks.
Not everybody considers them worth protecting, therefore cybercriminals are able to monetise from the IoT devices due to their weak security.
In its “IoT: a malware story” report, Kaspersky setup honeypot to analyse the activities of cybercriminals. An analysis of the data discovered that cyberattacks on IoT devices are stealth-like and not sophisticated.
Mirai, the malware family behind 39% of the attacks, can slip through old, unpatched vulnerabilities within a device and control it by using exploits.
Another malware family, Nyadrop, which was seen in 38.57% attacks, uses the technique of password brute-forcing. The Nyadrop family represents one of the most active threats over the past years.
Additionally, researchers were able to identify the location where the sources of infection came from during H1 of 2019 – to which 30% of all attacks occurred in China, 19% in Brazil and 13% from Egypt.
In comparison to H1 2018, the majority of attacks came from Brazil (28%), followed by China (14%) and Japan (11%).
Dan Demeter, security researcher at Kaspersky Lab said:
“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying. Judging by the enlarged number of attacks and criminals’ persistency, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing password and login combinations.
“This is much easier than most people think: the most common combinations by far are usually “support/support”, followed by “admin/admin”, “default/default”. It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices.”