US-based Cyxtera Technologies has released new research which has revealed that IoT devices are continuously being attacked, particularly those leveraging zero-day vulnerabilities for certain devices.
The report, titled ‘Detection of Threats to IoT Devices Using Scalable VPN-Forwarded Honeypots’, underscores some key findings from the study that was jointly conducted by researchers from the Singapore University of Technology and Design and Cyxtera threat researcher Martin Ochoa. They found more than 150 million connection attempts to 4,642 distinct IP addresses, among which 64% of incoming connections originated in China and 14% from the US; following were UK with 9%, Israel with 8%, and Slovakia with 6%.
Immediate attempted logins were witnessed by all IoT devices as soon as systems went online and the number of login attempts gradually increased over time. As soon as new malware campaigns like Mirai, Satori, and Hakai went public, these malware families were used to attack IoT devices from the honeypot. In most cases, there was a rise in activities that were recognised in the days and weeks before the malware was publicly named.
Last month a report concerning lack of security in IoT device apps found that 31% of the apps had no encryption at all, while 19% had hardcoded keys that were easier to notice. This study examined smartphone apps for 96 IoT devices. Results showed around 50% of IoT device apps could easily be exploited; apps like the LIFX app, WeMo app for Belkin devices, ‘Kasa for Mobile’ app for TP-Link devices, and the ‘e-Contro’ app for Broadlink gear were all found to be susceptible to attacks.
In the previous month, a study of 950 IT and business decision makers by Gemalto also reveals that only 48% of the businesses in the world are able to detect if any of their IoT devices suffers a breach. It was found that organisations are demanding governments to get involved to solve this problem, with 79% are calling for vigorous guidelines on IoT security, and 59% are looking for clarification on who could be the sole responsible party for protecting the IoT in such cases.