K

Kathleen Martin

Guest
The modern home is chock full of myriad Internet of Things devices ranging from doorbell video cameras to smart pet feeders. While these products may offer a number of conveniences, smart devices also provide new entry points and potential security vulnerabilities for online criminals as cyberattacks surge. According to Kaspersky data shared with TechRepublic, attacks on IoT devices have doubled in the last year.
"Since IoT devices, from smartwatches to smart home accessories, have become an essential part of our everyday lives, cybercriminals have skillfully switched their attention to this area. We see that once users' interest in smart devices rose, attacks also intensified," said Dan Demeter, a security expert at Kaspersky via email.
Smart homes, honeypots and remote work
In an effort to track and potentially prevent cyber attacks against connected smart devices, Kaspersky researchers set up honeypots, which the company described as "traps" of sorts for online attackers "targeting such devices." In the first half of 2021, these honeypots detected over 1.5 billion cyberattacks focused on IoT devices, according to Kaspersky; more than double the total recorded in the first half of 2020.
So, what's behind the surge in IoT device attacks? The short answer: The switch to remote work may have presented new entryways for opportunistic cybercriminals.
Over the last year, many remote teams have relied on VPN connections in their day-to-day. Amid the switch to remote work, Demeter said these gateways "became extremely interesting for attackers" for a number of reasons. For one, he said attackers can DDoS these connections disrupting company workflows and gain access to organizational networks via "misconfigured or insecure VPN gateways."
"As such, the hunt of vulnerable devices (either IoT or directly connected to the internet) intensified during 2020, and we've seen some examples where attackers were able to gather more than half of million user accounts from vulnerable devices," he continued.
During Kaspersky's observations, Demeter said, an internet-connected honeypot would be probed for "exposed services" within about five minutes as a result of large-scale internet scanning, however, he added that this time is lower in some instances due to multiple large networks scanners probing devices. 
"Of course, this is just the average value," Demeter said. "We've had cases when we installed a fresh honeypot and it got probed in the next 10 seconds."
Continue reading: https://www.techrepublic.com/article/iot-device-attacks-double-in-the-first-half-of-2021-and-remote-work-may-shoulder-some-of-the-blame/
 

Attachments

  • p0004764.m04438.gettyimages_andrey_suslov.jpg
    p0004764.m04438.gettyimages_andrey_suslov.jpg
    79 KB · Views: 69