IoT weaponization

Devices continue to be compromised

Over the last year, we’ve seen the re-emergence of Internet of Things (IoT) weaponization: IoT security is becoming a boardroom issue as devices continue to be compromised.

Botnets such as Mirai and Echobot have advanced in automation, improving their propagation capabilities. Mirai and variants targeted network backbone devices from several different vendors. Mirai and IoTroop are well-known for spreading through IoT attacks, then propagating through scanning and subsequent infection from identified hosts.

Based on NTT Ltd.’s observations, Mirai and IoTroop lead in malware detections with more vulnerability scanning activity from these variants than any other family of malware. Many of these attacks are directly related to activity from botnets like Mirai and IoTroop, including the high levels of vulnerability scanning activity detected globally. IoTroop remains a particularly persistent threat, making up 87% of all botnet detections in Japan.

We’ve also seen a spike in IoT attacks specifically in the Americas  ̶  a market that craves IoT but hasn’t evolved to secure it effectively.

The re-emergence of Mirai and variant has helped widen the spread of IoT attacks. #cybersecurity #GTIR2020 Tweet this

Which industries are most at risk?

Organizations in the manufacturing industry are undergoing rapid digital transformation. The automation of almost all business processes, IoT deployments, and the increasing connectedness of the entire value chain, create agility but also raise cybersecurity risks and threat levels. There are many regulations governing the manufacturing subsectors, particularly manufacturing medical devices. In addition to medical device manufacturing, we expect to see a growing number of laws and regulations related to industrial IoT, which also influences this industry.

Weaponization of IoT attacks against technology also contributed to the technology becoming the most attacked industry globally in the last year. 

Steps to success

How can you bolster your defenses against the re-emergence of IoT weaponization and ensure IoT security?

• As the digital world becomes more interconnected, build a holistic and integrated security ecosystem
  

  Today, cybersecurity leaders’ jobs are made more difficult as the number of areas and ‘things’ that need to be secured is constantly increasing. Your infrastructure is no longer just physical, it’s cloud, and hybrid too. As you adopt IoT, there are many new kinds of devices and connections to secure. Patch management and vulnerability management shouldn’t be neglected.

  
  


• Secure interactions of all kinds
  

  Your users, whether employees or customers, are connecting through various different networks. Each of these needs to be secured. Also, don’t forget to secure interactions with your partners and others in your supply chain.