IoT Devices Are Responsible Almost One Third of all Infections
The COVID-19 pandemic, along with an increase in the number of connected devices, have led to a surge of IoT infections observed on wireless networks. Cameras, refrigerators and other internet-of-things (IoT) devices are targets for hackers. New research shows a 100 percent increase in IoT infections observed on wireless networks. IoT devices are now responsible for almost 33 percent of all infections observed in mobile and Wi-Fi networks, up from 16 percent in 2019.
Researchers with Nokia's Threat Intelligence Lab wrote in a Threat Intelligence Report 2020 that they believe that the number of IoT infections will continue to grow as connected devices continue to gain popularity in homes and enterprise settings. It's not a surprise that IoT devices are targets for hackers since businesses around the world are transforming their production lines using connected, IoT devices. Having control over these devices means that a hacker can control the main switch of a company. IoT devices are even targets for ransomware since the danger of being shut down almost completely is one of the reasons why companies are more likely to pay ransoms.
Researchers found that high IoT infection rates occur when devices are connected to publicly facing internet IP addresses. In networks where carrier grade network address translation (NAT) is enabled on a firewall or router, the infection rate is reduced since the connected devices are not visible to network scanning. While standard NAT translates a private IPv4 address to a public IPv4 address, carrier-grade adds an additional translation layer as an extra security measure.
There are more devices for hackers to scan due to the pandemic. People are also buying more connected devices for their homes. As devices at home become smarter, and have computing capacity they don't need, hackers can leverage that computing power and use it to perform attacks, transfer data anonymously, and store it in places people aren't looking. The situation worsened during the pandemic since IT operations and information security teams had rushed to organize, setup and secure a remote workforce.
IoT devices have long been criticized for their lack of security measures, with researchers finding in March that more than half of all IoT devices are vulnerable to attacks. In September, researchers found a Bluetooth Low Energy (BLE) vulnerability that affected billions of IoT devices and remained unpatched in Android devices. And in August, researchers urged connected-device manufacturers to ensure they applied patches addressing a flaw in a module used by millions of IoT devices. The introduction of 5G is also expected to continue to increase not just the number of IoT devices, but the share of connected devices accessible directly from the internet.