IoT Devices Infected Within Seconds of Being Connected
Connected devices are subject to almost immediate attack and infection according to a new study. Despite this consumers remain frighteningly unaware of how to protect themselves.
According to a report published by Allot Communications, Internet of Things (IoT) and mobile devices continue to be primary attack vectors and are contributing to a significant rise in cryptojacking, adware and DDoS attacks.
Most concerning of the report findings, however, is that consumers appear to lack the necessary cyber security expertise to adequately protect themselves from threats.
Telco Security Trends Report
The Telco Security Trends Report is based on anonymous data gather from a number of communications service providers (CSP’s) across Europe and Israel. Between them, these service providers protect around seven million customers; many of whom displayed an alarming lack of understanding in regards to cyber security and hygiene.
The report founds that between November 2017 and February 2018, nearly two billion mobile security threats were blocked – equating to an average of two threats a day per mobile device. Among these threats, service providers witnessed over 100 million adware threats, as well as over 40,000 threats triggered by direct attacks in the form of ransomware and banking trojans.
Cryptomining software is playing an increased role in the rise of cyber security threats, with the report finding that almost one billion security protections were triggered by cryptomining malware. This represents the leading security threat and is likely down to the meteoric rise in popularity that cryptocurrencies have seen in the previous 18 months.
IoT At Risk
The report by Allot highlights the escalating threats posed to IoT devices, found in homes and businesses across the globe. As part of the study, Allot set up ‘honeypots’ simulating consumer IoT devices and exposed them to the internet. The results were nothing short of terrifying.
Results highlighted immediate successful attacks, which the report shows peaked at a rate of over 1000 per hour. Additionally, findings revealed that a device can be infected within a staggering 42.5 seconds of being connected to the internet.
Interestingly, during this study there was also an increase of unique IP addresses attacking the honeypots over an extended period of time; from 44 per day to a peak of over 155 per day over a month-long period.
Ronen Priel, VP Product Management at Allot says that the rise in cybercrime coincides with the rise of connected devices, which often provide attackers with quick successes. He said: “Cybercrime has become rampant across the growing mobile and IoT attack surface due to the financial motivation it provides.”
A Connected World
Connected devices are becoming an increasingly common feature in daily life, with devices forecast to grow to over 30 billion worldwide by 2020. With such a changing threat landscape, mixed with the vulnerabilities of both IoT devices and consumer knowledge on cyber security, the situation has the potential to become very damaging.
The report recommends that CSP’s are “best positioned to deliver a unified, multilayer security service delivered at the network level”. Additionally, it claims:
“By merging value-add network-based security with built-in customer engagement capabilities, CSP’s can simultaneously achieve rapid customer acquisition and high adoption rates of 40%“.
However, an onus must be placed on individual responsibility when considering cyber security. Encouraging cyber awareness among the general public and businesses is integral to ensuring a safe digital environment.
In regards to individuals – both in their homes at places of work, maintaining a strong standard of cyber hygiene is essential. Through adequate education on cyber security, employees, businesses and consumers can defend themselves and maintain solid security measures.
Gerry Grant, Head of Cyber and Lead Ethical Hacker at Curious Frank says a lack of understanding of IoT devices and their inherent nature is leaving people at risk. He said: “A lot of the time people don’t realise or even understand what is actually happening or what’s going on on their devices.
Gerry added that there is a “craze for IoT devices and to make them as simple as possible to use”. These aspects seem to breed an air of complacency. Gerry noted that people “don’t see the implications of using that device.”
He added that like using any device consumer need to be aware of what they’re doing and how their actions – or there lack of – can affect them.