The alarming Kaspersky report: nine times more attacks aiming connected objects than in 2018

Last October 15, Kaspersky, the antivirus software company, published an edifying report about the volume of cyberattacks directly aiming connected objects.

Although the industry expected that this new generation of objects would be directly targeted by cyberattacks, the increase in the cyberattacks number is alarming and lets easily imagine the security flaws that the connected objects present.

According to the estimation presented by
Kaspersky, between the beginning of 2018 until mid-2019, the attacks would have
reached the record of 105 million, i.e. nine times more than the previous year
as a whole.

In order to conduct this research, Kaspersky used the trap technique by deploying more than 50 honeypots across the world. A Honeypot is a program that imitates the connected objects’ signature specifically created to attract cybercriminals. It was then possible to detect attacks from pirates that fell into the trap set for them. According to Kaspersky, during this experience, more than 20 000 sessions would have been infected every 15 minutes. 105 million attacks from 276 000 unique IP addresses have then been detected (compared to 12 million in 2018).

Furthermore, the report indicates that both in
2018 and 2019, China and Brazil are vying for the top position of the countries
that served as the origin of the attacks launched.

The main malwares that use the security flaws
of connected objects are well known (Mirai for example) and identified.

While we are aware that IoT is a privileged
playground for pirates, the first security measures are far from being
systematically applied. It’s essential for example to change the password
installed by default for each connected devices’ purchase. For reminder, although technologies of cyber
malice are indeed more and more sophisticated, the first gateway for pirates remains
the users’ lack of vigilance.

First published at nameshield blog