Kaspersky Detects More Than 100 Million Attacks On Smart Devices In H1 2019

Must Read

List of Guaranty Trust Bank Sort Codes & Branches (with addresses) in Nigeria

The sort code is a number which usually identifies both the bank and the branch where an account is...

You Should Totally Avoid These Words During An Interview

The job market is very competitive and getting an interview is a chance to let an employer or HR...

Amazing Ankara Styles To Wear To An Occasion

If you have been recently invited to a wedding in Nigeria, there are lots of good options. From Aso Ebi to lace...
- Advertisement -
- Advertisement -

Kaspersky honeypots – networks of virtual copies of various internet-connected devices and applications – have detected 105 million attacks on IoT devices coming from 276,000 unique IP addresses in the first six months of the year. This figure is around nine times more than the number found in H1 2018 when only around 12 million attacks were spotted originating from 69,000 IP addresses. Capitalising on weak security of IoT products, cybercriminals are intensifying their attempts to create and monetise IoT botnets. This and other findings are a part of the ‘IoT: a malware story’ report on honeypot activity in H1 2019.

Cyberattacks on IoT devices are booming, as even though more and more people and organisations are purchasing ‘smart’ (network-connected and interactive) devices, such as routers or DVR security cameras, not everybody considers them worth protecting. Cybercriminals, however, are seeing more and more financial opportunities in exploiting such gadgets. They use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions. To learn more about how such attacks work and how to prevent them, Kaspersky experts set up honeypots – decoy devices used to attract the attention of cybercriminals and analyse their activities.

Based on data analysis collected from honeypots, attacks on IoT devices are usually not sophisticated, but stealth-like, as users might not even notice their devices are being exploited. The malware family behind 39% of attacks – Mirai – is capable of using exploits, meaning that these botnets can slip through old, unpatched vulnerabilities to the device and control it. Another technique is password brute-forcing, which is the chosen method of the second most widespread malware family in the list – Nyadrop. Nyadrop was seen in 38.57% of attacks and often serves as a Mirai downloader. This family has been trending as one of the most active threats for a couple of years now. The third most common botnet threatening smart devices – Gafgyt with 2.12% – also uses brute-forcing.

Read:  92% External ICS Devices are Insecure – Kaspersky
Read:  Vodafone Egypt Renews Business Support System Deal With Ericsson

In addition, the researchers were able to locate the regions that became sources of infection most often in H1 2019. These are China, with 30% of all attacks taking place in this country, Brazil saw 19% and this is followed by Egypt (12%). A year ago, in H1 2018 the situation was different, with Brazil leading with 28%, China being second with 14% and Japan following with 11%.

“As people become more and more surrounded by smart devices, we are witnessing how IoT attacks are intensifying. Judging by the enlarged number of attacks and criminals’ persistency, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing password and login combinations. This is much easier than most people think: the most common combinations by far are usually “support/support”, followed by “admin/admin”, “default/default”. It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices” – said Dan Demeter, a security researcher at Kaspersky.

Read:  Is Snapchat the Axe of social media?

To keep your devices safe, Kaspersky recommends users:

  • Install updates for the firmware you use as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
  • Always change preinstalled passwords. Use complicated passwords that include both capital and lower-case letters, numbers and symbols if it’s possible.
  • Reboot a device as soon as you think it’s acting strangely. It might help get rid of existing malware, but this doesn’t reduce the risk of getting another infection.
  • Keep access to IoT devices restricted by a local VPN, allowing you to access them from your “home” network, instead of publicly exposing them on the internet.

Kaspersky recommends companies to take the following measures:

  • Use threat data feeds (www.Kaspersky.co.za) to block network connections originating from malicious network addresses detected by security researchers.
  • Make sure all devices software is up to date. Unpatched devices should be kept in a separate network inaccessible by unauthorised users.
- Advertisement -

Subscribe to BrandSpur Ng

Subscribe for latest updates. Signup to best of brands and business news, informed analysis and opinions among others that can propel you, your business or brand to greater heights.

Latest News

Soyinka, Orimoogunje, others advocate cultural renaissance at Yoruba Lakotun

The Nobel laureate, Professor Wole Soyinka and Professor Oladele Orimoogunje have also lent their voices to the advocacy of...

Nigeria ranks 30th in 2019 Africa Visa Openness index – Report

This fourth edition of the Index shows that 47 countries improved or maintained their visa openness scores in 2019 JOHANNESBURG, South Africa, November 11, 2019,/...

Spectranet and Nokia to provide 100+ Mbps ultra broadband services with FTTH to home and business users in Nigeria

Nokia GPON solution helps Spectranet better serve its customers by adding FTTH services to its current portfolio of LTE  wireless broadband access services ...

Halima Aliko Dangote Takes charge of Dangote Group Commercial Operations

Dangote Industries Appoints Halima Aliko Dangote as GED Commercial Operations LAGOS, Nigeria, November 11, 2019,/ -- Halima Aliko Dangote has been appointed as the Group...

Swiss Fintech Delegation Seek More Robust Collaboration in Singapore @ Singapore Festival

SINGAPORE - Media OutReach - 12 November 2019 - The Switzerland finance regulatory agencies and organisations already collaborate closely with their Singapore counterparts and will continue to foster closer relationships, especially with...

More Articles Like This