One would be hard pressed to find a security researcher these days who disagrees that Internet of Things (IoT) devices are rapidly becoming the IT industry’s most vulnerable and soft underbelly.
An all the more significant one, too, as their number is growing fast, compounding the security and privacy problems of having billions of networked, omnipresent sensors, cameras and microphones in people’s everyday lives – devices whose firmware, once they have been sold and installed, virtually never gets properly updated and patched and thus protected from newly discovered security vulnerabilities.
The SonicWall Cyber Threat Report says it found that these connected, often “smart home” devices – that can be controlled remotely and include anything from light switches, routers, fridges, to baby monitors – came under attack 32.7 million times in 2018.
The number represents an increase of 217.5 percent year-on-year, the report said, adding that – once horded into botnets – these devices can be used to launch large scale DDoS attacks capable of “crippling infrastructure, downing networks.” Depending on the type of device targeted, and without hackers having this as their intent – they may also end up “putting real human lives in jeopardy.” Perhaps the best known of these massive and highly disruptive DDoS attacks utilizing IoTs was Mirai, discovered in 2016.
Current estimates are that 75 billion connected IoT devices will be in use by 2025, in other words, they will continue to provide ever bigger and more appealing attack vectors to hackers. The article offers two possible ways to mitigate the risk – using “strong passwords” is one – but perhaps more importantly, “thinking before you buy a connected device.”
“Do you really need your lights to be controlled by an app or your refrigerator to email you when the icemaker is out of ice? Sometimes new gadgets make your life more complicated while making it easier for cyber criminals,” writes PJ Media.
In general, the SonicWall Cyber Threat Report for 2019 found that digital technology users are facing more threats from “cybercriminals” than ever ever. The company said it put to use its over one million sensors around the world to record “10.52 billion malware attacks with 391,689 newly identified attack variants” – above all those utilizing Microsoft and PDF files, ransomware, web app attacks, and intrusion attempts.
All in all – more than ever before. But SonicWall also announced that 10.52 billion malware attacks had been blocked in 2018 – another record high.