Research notes amount of malware targeting smart devices more than doubled in 2017

Posted on Jul 7 2017 - 2:59pm by Upgrade Staff

The total number of malware samples targeting smart devices has reached more than 7,000, with over half of these emerging in 2017, according Kaspersky Lab’s researchers. With over 6 billion smart devices being used across the globe, people are increasingly being put at risk from malware targeting their connected lives.

Kaspersky Lab_Smart Devices.png

Smart devices – such as smartwatches, smart TVs, routers, and cameras – are connecting to each other and building the growing Internet of Things (IoT) phenomenon, a network of devices equipped with embedded technology that allows them to interact with each other or the external environment.

Because of the large number and variety of devices, the IoT has become an attractive target for cybercriminals. By successfully hacking IoT devices criminals are able to spy on people, blackmail them, and even discreetly make them their partners in crime. What’s worse, botnets such as Mirai and Hajime have indicated that the threat is on the rise.

Kaspersky Lab’s experts have conducted research into IoT malware to examine how serious the risk is. They have set up honeypots – artificial networks, which simulate the networks of different IoT devices (routers, connected cameras etc.) to observe malware attempting to attack their virtual devices.

They did not have to wait long – attacks using known and previously unknown malicious samples started almost immediately after the honeypot was set up.

Most of the attacks registered by the company’s experts targeted digital video recorders or IP cameras (63%), and 20% of hits were against network devices, including routers, and DSL modems, etc. About 1% of targets were people’s most common devices, like printers and smart home devices.

READ:  SP/Silicon Power presents Holiday gift ideas

China (17%), Vietnam (15%), and Russia (8%) emerged as the top-3 countries with attacked IoT devices, each presenting a large number of the infected machines. Brazil, Turkey and Taiwan – all at 7%, follow.

To date during this ongoing experiment, researchers have been able to collect information about more than seven thousand malware samples designed specifically to hack connected devices.

According to experts, the reason behind the rise is simple: the IoT is fragile and exposed in the face of cybercriminals. The vast majority of smart devices are running operating systems based on Linux, making attacks on them easier because criminals can write generic malicious code that targets a huge number of devices simultaneously.

What makes the issue dangerous is its potential reach. According to industry experts, there are already more than 6 billion smart devices across the globe. Most of them do not even have a security solution and their manufacturers usually do not produce any security updates or new firmware.

This means there are millions and millions of potentially vulnerable devices – or maybe even devices that have been already compromised.

“The issue of smart device security is serious, and one that we should all be aware of. Last year showed that it is not just possible to target connected devices, but that this is a very real threat. We have seen a huge increase in IoT malware samples, but the potential is even greater. Apparently, high competition in the market of DDoS attacks is pushing attackers to search for new resources that will help them make increasingly powerful attacks. Botnet Mirai demonstrated that smart devices can give cybercriminals what they need, with the number of devices they can target now reaching billions. Various analysts have predicted that by 2020, this could grow to 20-50 billion devices,” said Vladimir Kuskov, security expert, Kaspersky Lab.

READ:  Intergraph launches new 'Damage Assessment' solution

In order to protect your devices, Kaspersky Lab security experts advise the following:

  1. If you don’t need to, do not access your device from an external network

  2. Disable all network services you don’t need to use the device

  3. If there is a standard or universal password that cannot be changed, or the preset account cannot be deactivated, disable the network services in which they are used, or close access to external networks

  4. Before using the device, change the default password, and set a new one

  5. Regularly update the device’s firmware to the latest version – if possible.

To learn more about IoT attacks, head to Securelist.com.

Related Posts

P1M up for grabs in Kaspersky’s online conte... Think you can outwit the brightest minds in the world and win various prizes including P1 million? Kaspersky Lab is inviting Filipino Internet user...
Securing open hotspots By Louis Au, Vice President, Asia Pacific, Ruckus Wireless According to estimates by Wireless Broadband Alliance and Informa, the number of public ...
Over-55s can behave insecurely online and often be... The latest research from Kaspersky Lab and B2B International has raised concerns about the safety of over-55s online. The findings of the research, in...
BDO Unibank expands Fiserv relationship to increas... Fiserv, provider of financial services technology solutions, announced that BDO Unibank, the largest bank in the Philippines, extended and expanded it...
Security expert warns of mass attacks on online ba... Kaspersky Lab has recorded several thousand attempts to infect computers used for online banking with a malicious program that its creators claim can ...
From zero-day exploits to rampant ‘ransomware’: Ho... The second quarter of 2017 saw sophisticated threat actors unleash a wealth of new and enhanced malicious tools, including three zero-day exploits and...
Aruba 360 Secure Fabric launched Aruba, a Hewlett Packard Enterprise company, announced the Aruba 360 Secure Fabric, a security framework that provides 360 degrees of analytics-driven...
Filipino student’s pitch on security app wow... Another Filipino made the country proud as 20-year-old Ivan Dominic Baguio wowed the panelists of the recently concluded Kaspersky Academy Cyber Secur...
Only 7% of malicious mobile apps apparent to users... Data from ESET on malicious mobile applications shows that only 7% of reported incidents on mobile applications are caused by straightforward malware....
Cylance recommended in NSS Labs’ First Next-genera... Cylance Inc., the company replacing traditional antivirus with AI-powered prevention that blocks everyday malware, announced that it earned the NSS La...
About the Author

Leave A Response