The use of malicious software to attack IoT devices like smart home security monitoring systems is rising substantially and growing more sophisticated as cybercriminals take advantage of lax security, Nokia’s Threat Intelligence Report 2019 warned.
IoT botnet activity accounted for 78% of malware detection events in communication service provider (CSP) networks in 2018, according to the report, which is based on data aggregated from monitoring network traffic this year on more than 150 million devices globally where Nokia’s NetGuard Endpoint Security product is deployed.
That is up sharply from 33% in 2016 when IoT botnets were first seen in meaningful numbers. A botnet is a system of computers that can be infected with malicious software and controlled by a single computer for doing things like stealing bank account information and shuttering websites.
“Cybercriminals are switching gears from the traditional computer and smartphone ecosystems and now targeting the growing number of vulnerable IoT devices that are being deployed. You have thousands of IoT device manufacturers wanting to move product fast to market and, unfortunately, security is often an afterthought,” said Kevin McNamee, director of Nokia’s Threat Intelligence Lab and lead author of the report.
In 2018, IoT bots made up 16% of infected devices in CSP networks, up significantly from the 3.5% observed in 2017.
5G May Make It Worse
Industry analysts widely expect IoT device adoption to accelerate with 5G.
The high bandwidth, large-scale and ultra-low latency capabilities of 5G greatly facilitate connecting billions of things to the internet, including smart home security monitoring systems, vehicles, drones and medical devices.
But, as the Threat Intelligence report’s findings underscore, lagging security protection of many current IoT devices and increasing technical sophistication are giving cybercriminals broader scope for successfully launching IoT device attacks.
“Cybercriminals have increasingly smart tools to scan for and to quickly exploit vulnerable devices, and they have new tools for spreading their malware and bypassing firewalls. If a vulnerable device is deployed on the internet, it will be exploited in a matter of minutes,” McNamee said.
Also explaining some of the rises in IoT device malware infection rates is the fact that attacks on mobile and fixed networks in 2018 decreased from previous years. This is a result not only of cybercriminals looking further afield for softer targets, like IoT devices but of better-protected networks, platforms and mobile devices that are designed and built with security in mind.
IoT security solutions and best practices
IoT devices are usually unprotected by normal security measures such as firewalls and anti-virus that are commonly available to traditional computing devices.
They are often left to fend for themselves in a hostile network environment. A vulnerable IoT device that is visible from the internet will be exploited in a matter of minutes and added to one of these many botnets.
So, it is very important that the device is not vulnerable.
To accomplish this, IoT devices must be:
- Securely managed in terms of software, firmware and patching
- Have secure communication in terms of authentication, integrity and confidentiality
- Securely monitored to ensure they have not been compromised
- Provide automated and rapid response when a device is compromised.