Internet of Things under attack: malware doubled compared to 2016

A Kaspersky Lab report raises the alarm: vulnerabilities in firmware and insecure passwords are two of the main reasons for these breaches

If the number of hacker attacks has increased, one of the main reasons, as cybersecurity experts have long repeated, is the proliferation of Internet of Things objects, easy targets also because of their very fragile protection systems.

A report published by Kaspersky Lab, a well-known company in the cybersecurity landscape, confirms this dangerous trend: in May 2017 alone, researchers found 7,200 different types of malware. This is a huge figure when compared to last year's results, where there were just under 3,200 threats to IoT devices. To get to these results, and thus verify the weakness of Internet of Things devices, Kaspersky Lab conducted an experiment using honeypots, i.e. computer systems that mimic the operation of various IoT devices. After just a few seconds of the "networking" of the traps, the experts of the Russian company recorded the first attacks.

Why hackers target Internet of Things devices

There are many causes behind the growth of cyber breaches against Internet of Things objects, as Kaspersky Lab researchers also remind. The first is due to firmware, the basic programs that allow devices to function. Hackers, in fact, are able to discover and exploit at will the presence of vulnerabilities in software, which are not frequently updated by users. What's more, only a few devices have a system in place to automatically fix the flaws.

There's another reason for how insecure these devices are: companies set the same security password on all devices. Moreover, for hackers to discover the device's preset credentials is child's play. And it gets worse. A portion of users don't even check if the device has a security key. With everything that comes with it. In fact, there are sites on the web, such as Shodan, that collect all the insecure IoT objects.

IoT object attacks: what consequences?

The effects of these attacks are very serious. Starting with the fact that a compromised object allows hackers to enter our most intimate sphere. Think, for example, of IP cameras. And that's not all. The hacked device can be used by hackers to build botnets, networks of zombie computers ready to unleash a large-scale breach, as in the case of the infamous DDoS attack.

How to protect yourself

That said, it is therefore important to shelter your IoT devices from hackers. First, it is necessary to check if the device is protected by a password. Then, it is essential to update the device continuously, thus ensuring that any security holes are fixed.