The Internet of Things is taking over the world. If we take a look at the United States most household have IoT devices such as smart speakers. In fact, in 2018, 56 million speakers were sold only in the United States.
While the IoT does come with plenty of benefits, it can also make you vulnerable. It appears that at the moment these devices are the favourite target of cybercriminals. In the past 18 months Spain was the country which had most attacks. Other countries such as the US, Hungary or Singapore were also targeted.
How does it work?
Attackers need open remote administration services in order to infect Internet of Things devices. Hackers can find them using global internet scans. The most popular type of attack remains the DDoS attack.
“We are stuck with over 8 billion IoT devices around the world that, for the most part, prioritise access convenience over security. Organisations need to brace themselves for impact, because IoT attack opportunities are virtually endless and the process of building Thingbots is more widespread than ever,” explained Senior EMEA Threat Research Evangelist at F5 Networks, David Warburton.
When it comes to the most used protocols, the Telnet and Secure Shell (SSH) protocol is the most popular one. The next positions are occupied by Home Administration Protocols (HNAP), Universal Plug and Play protocols (UpnP), Simple Object Access Protocols (SOAP).
“Unfortunately, it is going to take material loss of revenue for IoT device manufacturers, or significant costs incurred by organisations implementing these devices, before any meaningful security advances are achieved. Therefore, it is essential to have security controls in place that can detect bots and scale to the rate at which Thingbots attack. As ever, having bot defense at your application perimeter is crucial, as is a scalable DDoS solution,” added Warburton.