How to mitigate the IoT attacks that are increasing at 217.5%
Did you know the number of IoT devices is expected to increase by 75.44 billion by 2025?
Over the years, there’s been a rapid surge of IoT devices in the market, since more users are now opting for connected gadgets and appliances. To meet the increased demand of users, manufacturers are rushing their devices out of the warehouses without properly QAing potential security loopholes.
Such a lack of security measures is one of the key reasons why IoT-related cyberattacks have surged in the last few years.
Cybersecurity firm SonicWall stated in its “2019 Cyber Threat Report” that IoT attacks have grown by 217.5% between 2017 and 2018.
The state of IoT cybersecurity
SonicWall’s SonicWall Capture Lab research team published some key cyberthreat findings in its 2019 report, discussing pertinent topics such as machine learning and how it can mitigate new malware attacks, encryption implementation, cryptojacking and phishing attacks, to name a few.
IoT was also among the many topics discussed. The report gave updated insights into IoT security threats, which according to the firm augmented by 217.5% and made 32.7 million recorded events in 2018.
Researchers also observed that IoT security breaches are mostly carried out through customized botnets. It is because of these malicious botnets that attackers are able to conduct low- to high-bandwidth distributed denial-of-service attacks, data theft and more.
Moreover, the U.S. is among the top countries where most botnet attacks are carried out. According to the report, 46% of the botnets originated from the U.S., 13% from China, 7% from Russia, 7% from Brazil and so on.
One of the key aspects that makes IoT attacks so appalling is that cybercriminals have now more points of entries. Take, for instance, the St. Jude Medical’s cardiac device vulnerability that could allow hackers to gain access to the device and tweak with pacing or shocks.
Similarly, baby monitors are not completely secure against IoT threats prevalent today. One notorious IoT attack related to baby cams and monitors was the Owlet Wi-Fi baby monitor vulnerability.
Perhaps the biggest IoT attack carried out by hackers was the Mirai botnet, which ended up affecting a huge portion of the internet. In fact, top web services, including CNN, Netflix, Reddit and Twitter, were affected by the botnet attack.
The action plan aka preventive measures
There’s no denying that IoT attacks will continue to grow in numbers. After all, cybercriminals have more points of entries and malware variants than ever before. Regardless, there are some security practices to consider to prevent IoT attacks from affecting your data:
Get security updates
It is imperative to keep the OS and the firmware of the devices up to date with the latest security patches. The majority of security breaches occur due to old firmware versions since they lack the latest security fixes.
IoT device manufacturers regularly roll out security patches for their devices. Moreover, these patches are readily available on their websites and even in the app. However, it is the users’ responsibility to update their devices as soon as a security fix is released.
Set up firewall rules
Firewalls are powerful tools that can help enterprises prevent their device from falling victim to IoT-related cyberthreats. They allow users to open or block access to specific network traffic.
Many systems, such as computers and laptops, come with a default firewall. However, some need an added layer of firewall security for maximum protection against malicious traffic and viruses.
Encrypt your connections
The Cyber Threats Report stated that unencrypted internet traffic or sessions are continuously declining every year. After all, more and more people are becoming aware of the significance of encryption.
Though there are numerous tools available for encrypted online communication, VPN services are highly recommended. These tools allow users to create an encrypted channel of communication between their device and the VPN server. As a result, whatever they do online remains secure and private.
Enterprises should learn more about VPNs and how their encryption features can help them secure their connection against cyberthreats.
Disable Universal Plug and Play
UPnP may seem like a convenient feature in routers, printers and other devices. It allows different devices to get discovered on a network without any configuration. However, the UPnP protocol isn’t secure. In fact, there have been many reports on vulnerabilities related to the UPnP protocol.
It is highly recommended the feature be turned off for future security purposes.
Establish a secondary network
Some routers let you create secondary networks. Businesses and homes can create separate networks for different purposes. For instance, parents may create a separate network to set parental control for their kids.
Similarly, you can create secondary networks for IoT devices. This will help prevent cybe attackers from gaining access to other devices on the network in the event of a cyberattack.
There’s no denying that IoT is vulnerable to various types of cyberattacks because of the universal connectedness it features. However, by considering the action plan listed above, you would be able to protect your data against potential breaches.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.