Kaspersky Lab has released a new report on the global IoT ecosystem, which states that not only the number of threats have gone up significantly, but cybercriminals have also started adopted new means to infect IoT devices with malware. Kaspersky Lab’s Secure List blog has reported an approximately four-fold growth in the number of malware targeting IoT devices in just the first half of 2018 compared to the figures recorded in 2017.
As per the report, cybercriminals have now resorted to developing new methods to break past the security protocol of IoT devices, and one such alternative method that has caught on quickly is the Reaper botnet.
The Reaper botnet, which exploits a host of well-known vulnerabilities that are difficult to patch, allows cybercriminals to infect IoT devices at a much faster rate and is currently known to have affected at least 2 million IoT devices across the globe. When it comes to geographical distribution of malware-infected IoT devices, Brazil leads the pack with a hefty 23% of IoT devices that were targeted by Telnet password attacks.
Kaspersky Lab’s report states that cracking the Telnet password is still a preferred method of delivering a malware vector, as the company’s team recorded 3x more Telnet attacks than all other types of malware attacks combined. Attacks on IoT devices are also on the rise, and DDoS attacks facilitated by Trojans predominantly from the Mirai family have also surged, which can deal damages ranging from request denial to blocking an infected IoT device by its ISP, cryptomining and data theft among others.
The report states that IoT devices are easier to infect compared to a traditional computer, primarily due to lack of a robust security infrastructure, complex firmware update process and lack of initiative from the user side to regularly update security settings.