Kaspersky, the cybersecurity and anti-virus provider, has disclosed that it successfully blocked 45,562 cyberattacks on Internet of Things (IoT) devices in Kenya and 30,089 cyberattacks on IoT devices in Nigeria and 221,695 in South Africa.
These attacks were altered on Kaspersky honeypots – decoy devices utilized to lure the attention of cybercriminals and analyze their activities.
IoT devices are wearables, smart home appliances, smart city systems, self-driving cars, automated retail checkouts, and other smart devices for home and business use. These devices transmit and transfer data through a wireless network without third-party interference. Cybercriminals use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions.
Attacks on IoT devices have increased over the years. This is proportional to the activity of criminal actors and the increasing number of IoT devices in use. Open research in 2020 revealed that 42,4 million IoT devices were operating in Sub-Saharan Africa, which is expected to reach 264 million by 2030. Cybercriminals are intensifying their attacks regarding the weak security of IoT devices.
A brute force attack uses trial-and-error to guess login and password info or encryption keys, with hackers working through all possible combinations to guess correctly. In the African region throughout 2022, there were over 93,000 attempts to infiltrate logins and passwords to IoT devices using only the most recognized combinations (examples are provided in the table below); the total number of brute force attempts is even higher.
Username | Password | Count of brute force attempts |
root | Pon521 | 5428 |
root | Zte521 | 3623 |
root | root | 2174 |
root | samsung | 1234 |
admin | admin | 2092 |
admin | password | 997 |
nproc | nproc | 19798 |
According to Vladimir Dashchenko, a security expert at Kaspersky ICS CERT, “As the number of IoT devices grows and attacks intensify, cybercriminals use both advanced and simple tactics to infiltrate smart devices.
It is easy to change the default password, so we urge everyone to take this simple step towards securing your smart devices.”
He explained that IoT vendors should consider implementing the advanced generation cybersecurity approach in their products. That is, devices would feature innate, built-in protection that would make them Cyber Immune. Such technology is already available on the market, including offers from Kaspersky. An example of this offer is the Kaspersky IoT Secure Gateway system, designed to mediate a secured gateway for the “Internet of Things” on an enterprise network.
Observing the different IoT devices and their related cybersecurity risks, the need for their protection is indisputable, especially the smart cities or critical infrastructure. Moreover, basic measures can not be considered substantial for IoT protection, so specialised security solutions must be implemented.
Kaspersky’s safety recommendation to its users
Here are ways users can keep their devices secured.
- Installation of updates for the firmware a customer uses as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
- Periodical rebooting will hasten the elimination of already installed malware (although, in most cases, the risk of reinfection will remain).
- Changing the factory passwords at initial setup, using complex passwords of at least 8 characters long, including upper and lower-case letters, numerals, and special characters.
- Using a stable access policy, network segmentation and a zero-trust model. This will also help minimize the spread of infiltration and protect the most sensitive parts of the infrastructure.
- Using the IoT Security Maturity Model – an approach that helps companies evaluate all steps and levels they need to achieve sufficient IoT protection.
- Use a dedicated IoT gateway that ensures data transfer’s inbuilt security and reliability. For instance, Kaspersky IoT Secure Gateway is Cyber Immune, which means almost no attack can affect the gateway’s functions.
- Use Kaspersky Threat Intelligence to block network connections originating from malicious network addresses detected by security researchers.
+ There are no comments
Add yours