Kapersky: Over 100 Million IoT Attacks Detected in Six Months

Attacks to honeypots have increased more than 9 times since last year

Security vendor Kapersky hasreported that its honeypots detected 105 million IoT attacks in the first half of 2019. The attacks originated from over 270,000 unique IP addresses, with a volume nine times higher than at this time last year.

A rise in the popularity of smart home devices has contributed to the increase. Unfortunately, many of those devices lack strong security, and those with stronger security features remain vulnerable if owners neglect to update default passwords and usernames.

Poor Security Protocols Increase Cyber Risk

“Judging by the enlarged number of attacks and criminals’ persistence, we can say that IoT is a fruitful area for attackers that use even the most primitive methods, like guessing password and login combinations,” says Kaspersky security researcher, Dan Demeter. ‘This is much easier than most people think: the most common combinations by far are usually ‘support/support,’ followed by ‘admin/admin,’ ‘default/default.’ It’s quite easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices.”

The attacks take advantage of those weak default log-ins, turning IoT endpoints into botnets used to conduct other malware attacks. The most common malware found in the honeypots include:

• Mirai (39%)
• Nyadrop (38.6%)
• Gafgyt (2%)

Most of the devices affected by the attacks originated from China, which represented 30% of the infections. Brazil (19%) ranked second and Egypt (12%) ranked third.

Take Steps to Protect IoT Devices

Kaspersky recommends the following to keep your IoT devices safe:

• Install updates for the firmware you use as soon as possible. Patches within updates also fix vulnerabilities.
• Always change preinstalled passwords. Use complicated passwords that include both capital and lower-case letters, numbers and symbols when allowed.
• Reboot devices that begin to act strangely. A reboot may eliminate existing malware, but it won’t reduce the risk of getting another infection.
• Use a local VPN to restrict access to IoT devices to your home network. Don’t publicly expose them to the internet.