Cyber crooks hit Internet of Things (IoT) smart devices with roughly 120,000 malware modifications in the first six months of this year, more than triple the number for all of 2017, according to a Kaspersky research update.
What device topped the list of those most often attacked? Routers, not unexpectedly, considering the massive IoT botnet called VPNFilter discovered in late May to be injecting malware on more than 500,000 consumer routers. But devices such as DVRs, printers and even washing machines haven’t been spared, the data showed. Statistically, 60 percent of the registered attempts to attack Kaspersky’s honeypot decoy computers came from routers. The honeypots even registered an attack coming from 33 washing machines, the security provider said.
Brute force of passwords was used in 93 percent of detected attacks. In most of the remaining cases, access to an IoT device was gained using well-known exploits. If we’ve learned anything, it’s that the largely unsecured overabundance of IoT devices is low-hanging fruit for hackers. Think of it this way: We see cool gadgets, the crooks see potential botnet threats, distributed denial of service (DDoS) attacks, cryptocurrency mining and other nefarious but lucrative exploits.
“Compared to personal computers and smartphones, IoT devices might not seem powerful enough to be used in cyber criminals’ illegal activity,” said Kaspersky researcher Mikhail Kuzin. But smart devices are prime targets for hackers because manufacturers still haven’t made security a top priority, they’re easier to infect than PCs and often play an important role for consumers in managing Internet traffic or controlling smart home setups, he said.
“There are no reminders to change the default password during initial setup or notifications about the release of new firmware versions, and the updating process itself can be complex for the average user,” Kuzin and Kaspersky’s co-researchers wrote in a Securelist blog post.
How to Minimize, Mitigate IoT Device Infections
Kaspersky offered some suggestions to help minimize the risk of smart device infection:
- Don’t give access to the device from an external network unless absolutely necessary
- Periodic rebooting will help get rid of malware already installed (although in most cases the risk of reinfection will remain)
- Regularly check for new firmware versions and update the device
- Use complex passwords at least 8 characters long, including upper and lower-case letters, numerals, and special characters
- Change the factory passwords at initial setup (even if the device does not prompt you to do so)
- Close/block unused ports, if there is such an option. For example, if you don’t connect to the router via Telnet (port TCP:23), it’s a good idea to disable it so as to close off a potential loophole to intruders.
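As an added illustration (not from Kaspersky or the original article), the sketch below audits a device you own against three items in the list: the password rule, external access, and an open Telnet port. The inventory dict layout, the sample factory-password set and the addresses are assumptions made for the example.

```python
import re
import socket

# Constructed sample of factory credentials; real lists come from vendor docs.
FACTORY_PASSWORDS = {"admin", "password", "12345678", "Admin123!"}
TELNET_PORT = 23  # the port named in the list above

def password_findings(password):
    """Check a password against the complexity rule quoted in the list."""
    findings = []
    if password in FACTORY_PASSWORDS:
        findings.append("factory default password still set")
    if len(password) < 8:
        findings.append("shorter than 8 characters")
    classes = {
        "upper-case letter": r"[A-Z]",
        "lower-case letter": r"[a-z]",
        "numeral": r"[0-9]",
        "special character": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            findings.append(f"missing {name}")
    return findings

def port_is_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit_device(device, probe=port_is_open):
    """Audit one inventory entry (hypothetical dict layout) against the list."""
    findings = password_findings(device["password"])
    if device.get("wan_admin"):
        findings.append("management reachable from external network")
    port = device.get("telnet_port", TELNET_PORT)
    if probe(device["host"], port):
        findings.append(f"Telnet listening on TCP:{port}")
    return findings

if __name__ == "__main__":
    # Constructed inventory entry; replace with your own device's details.
    router = {"host": "192.168.1.1", "password": "admin", "wan_admin": True}
    for finding in audit_device(router):
        print("router:", finding)
```

Note that `Admin123!` satisfies the complexity rule yet is still flagged, which is why changing the factory password is a separate item from choosing a complex one.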