Data showed that more than 1.5 billion attacks have occurred against IoT devices in the first six months of 2021.
Telemetry data from Kaspersky showed that IoT device cyberattacks have increased by more than 100%.
The total number of infection attempts reached 1.51bn – which has more than doubled from the 639m registered in the first six months of 2020.
Commenting on the data, Kaspersky Security Expert Dan Demeter said that cyber criminals have switched attention as we use more devices: “We see that once users’ interest in smart devices rose, attacks also intensified.
“Some people believe they aren’t important enough to be hacked but we’ve observed how attacks against smart devices intensified during the past year.
“Most of these attacks are preventable, that’s why we advise smart home users to install a reliable security solution, which will help them stay safe.”
Most of the attacks used the telnet protocol to access IoT devices, and researchers recorded over 872 million (58%) of the total using this protocol.
Kaspersky data also revealed that hackers use these compromised devices to mine for cryptocurrency, launch DDoS attacks, or steal confidential data.
Javvad Malik, lead security awareness advocate at KnowBe4, said: “The Telnet protocol is typically used to allow connections to IoT devices. It’s used widely to connect to, administer, and setup IoT devices remotely from pretty much any popular operating system (Windows, Mac, Linux, Unix).
“We’ve seen how compromised IoT devices can be recruited into botnets such as the infamous Mirai, which can be used to launch huge DDoS (distributed denial of service) attacks against websites and online services, rendering them inaccessible.
“But compromised IoT devices can be used for much more, such as used to spy on the owners, leak data, or its computing power used for other nefarious tasks.”
During the Covid-19 pandemic, there has been an increased uptake in IoT device use as people remain at home and lockdowns persist. This has created the perfect environment for hackers to exploit vulnerable devices.
CTO of Operational Technology and ICS at Armis, Sachin Shah, commented: “Covid-19 is having an undeniable impact on the world and IoT expansion.
“With rising trajectory for an emerging technology such as Artificial Intelligence, Edge Computing, and Digital Twins that are becoming more and more a part of connected ubiquitous compute and connectivity particularly within their IoT plans.”
- Fintech Summit 2021 | Just three days left!
- Leader Insights | IoT and future security with Hatem Oueslati, CEO at IoTerop
- DIGIT Deal Roundup Column | August 2021 edition
And the vulnerabilities of IoT devices is a real cause for concern. To combat the growing threats, Scotland’s IoT centre CENSIS announced a new initiative in February this year to help Scottish firms develop cyber-secure IoT products and services.
Funded by Scottish Enterprise and the Scottish Government, the IoT Secure service provides cybersecurity advice and guidance to Scottish firms. Successful companies will gain one-to-one cybersecurity consultations with CENSIS, as well as guidance on best practice, legislation, manufacture, and design.
Shah continued: “As there is a growing rate of IoT attacks, especially when trends of remote work and remote offices are considered, it is increasingly important to know and understand the threat landscape.
“Ultimately, IoT intensifies supply chain vulnerabilities. IoT’s exponential connectivity is an ever-expanding mesh of networks and devices.
“The increased integration of endpoints combined with a rapidly growing and poorly controlled attack surface poses a significant threat to the internet of things.”