IoT cyber attacks double to 1.5 billion in first half of 2021

During the first six months of 2021, Kaspersky honeypots – software that imitates a vulnerable device – have detected more than 1.5 billion attacks against IoT (Internet of Things) devices. This was twice as much as the previous half-year.

IoT devices such as smartwatches, door locks, fitness trackers, and many others are everywhere. According to IoT market analysts, 127 new devices are connected to the internet every second. Their widespread availability attracts the attention of enthusiastic users and cybercriminals.

To track and prevent attacks against smart items, Kaspersky experts set up honeypots, special software that imitates a vulnerable device. Deployed publicly on the Internet, honeypots mimic real devices and, in essence, function like traps for the attackers targeting such devices. 

According to data analysis collected from Kaspersky honeypots, there is a steady trend for an increase in the number of attacks on IoT devices. In H1 2021, the number of total infection attempts reached 1,515,714,259, while during the previous six months, there were 639,155,942. In most cases, the attempted connections used the telnet protocol (used to access and manage a device remotely); the rest used SSH and web.

The number of total infection attempts broken down by type of honeypot

Cybercriminals targeting IoT devices always update their toolsets. Kaspersky experts highlight that more and more exploits are being weaponised by cybercriminals, and infected devices are used to steal personal data and mine cryptocurrencies, on top of traditional DDoS attacks.

Says Dan Demeter, security expert at Kaspersky:

“Since IoT devices, from smartwatches to smart home accessories, have become an essential part of our everyday lives, cybercriminals have skillfully switched their attention to this area. We see that once users’ interest in smart devices rose, attacks also intensified.

“Some people believe they aren’t important enough to be hacked but we’ve observed how attacks against smart devices intensified during the past year. Most of these attacks are preventable, that’s why we advise smart home users to install a reliable security solution, which will help them stay safe.” 

To keep your devices safe, Kaspersky recommends users:

• • Install updates for the firmware you use as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
  • Always change preinstalled passwords. Use complicated passwords that include both capital and lower-case letters, numbers, and symbols if possible.
  • Reboot a device as soon as you think it’s acting strangely. It might help eliminate existing malware, but this doesn’t reduce the risk of getting another infection.
  • Review and choose security solutions that help to protect IoT ecosystems such as Kaspersky Smart Home Security.