Skip to main content

IoT devices still pose major security risk

(Image credit: Image source: Shutterstock/everything possible)

Small and medium-sized businesses and their IoT devices are under a constant and increasing barrage of attacks, according to F-Secure's new report,.

The security firm used honeypots to measure how many attacks SMBs and IoT devices are facing, and the results show a twelvefold increase, compared to the same period last year. According to the report, the majority of the increase came from the traffic which targeted Telnet and UPnP protocols (used by IoT devices), as well as the SMB protocol.

A honeypot is essentially a decoy server designed to lure hackers looking to steal valuable data from a company.

Telnet accounts for the largest share of traffic for the period – 26 per cent - with more than 760 million attack events logged. UPnP followed with 611 million attacks, as well as SSH, with 456 million attacks. The report argues that the Mirai botnet could be a likely source of the traffic.

For the uninitiated, Mirai targets routers, security cameras and other IoT devices that have never had their factory credentials changed.

 “Three years after Mirai first appeared, and two years after WannaCry, it shows that we still haven’t solved the problems leveraged in those outbreaks,” said F-Secure Principal Researcher Jarno Niemela. “The insecurity of the IoT, for one, is only getting more profound, with more and more devices cropping up all the time and then being co-opted into botnets. And the activity on SMB indicates there are still too many machines out there that remain unpatched.”