Nokia warns of malicious attacks on IoT devices
Written by Peter Walker
The use of malicious software to attack Internet of Things (IoT) devices, like smart home security monitoring systems, is rising substantially and growing more sophisticated as cyber criminals take advantage of lax security, Nokia's 2019 Threat Intelligence Report 2019 has warned.
IoT botnet activity accounted for 78 per cent of malware detection events in communication service provider (CSP) networks in 2018, according to the report, which is based on data aggregated from monitoring network traffic this year on more than 150 million devices globally where Nokia's NetGuard Endpoint Security product is deployed.
That is up sharply from 33 per cent in 2016, when IoT botnets were first seen in meaningful numbers. A botnet is a system of computers that can be infected with malicious software and controlled by a single computer for doing things like stealing bank account information and closing web sites.
“Cyber criminals are switching gears from the traditional computer and smartphone ecosystems and now targeting the growing number of vulnerable IoT devices that are being deployed,” said Kevin McNamee, director of Nokia's Threat Intelligence Lab and lead author of the report. “You have thousands of IoT device manufacturers wanting to move product fast to market and, unfortunately, security is often an afterthought,”
In 2018, IoT bots made up 16 per cent of infected devices in CSP networks, up significantly from the 3.5 per cent observed in 2017.
The report found that malware-infected crypto-coin mining is expanding from high-end servers with specialised processors to IoT devices, as well as smartphones and web browsers. Crypto-coin mining is generally the process by which crypto currency transactions are verified and added to blockchain technology systems.
IoT device adoption is expected to accelerate with the installation of 5G networks. The high bandwidth, large-scale and ultra-low latency capabilities of 5G greatly facilitate connecting billions of things to the internet, including smart home security monitoring systems, vehicles, drones and medical devices.
But, Nokia underscored that the lagging security protection of many current IoT devices and increasing technical sophistication are giving cyber criminals broader scope for successfully launching attacks.
“Cyber criminals have increasingly smart tools to scan for and to quickly exploit vulnerable devices, and they have new tools for spreading their malware and bypassing firewalls – if a vulnerable device is deployed on the internet, it will be exploited in a matter of minutes," McNamee said.
Yossi Naar, co-founder at Cybereason, responded to the report by stating organisations have tended to focus on product features and getting a device to market as quickly as possible, but in too many cases security features are considered towards the end of the design process when making a product more secure can mean reducing or eliminating features, or even delaying a product release – outcomes that adversely affect sales.
“It’s a situation that can end without any winners, with devices released that are inherently insecure,” he commented. “Simply put, security needs to be a primary design consideration, as fundamental as any other measure of performance – there should be a focus on tight mechanisms for strong authentication and the minimization of the potential attack surface.”