Devices continue to be compromised
Over the last year, we’ve seen the re-emergence of Internet of Things (IoT) weaponization: IoT security is becoming a boardroom issue as devices continue to be compromised.
Botnets such as Mirai and Echobot have advanced in automation, improving their propagation capabilities. Mirai and variants targeted network backbone devices from several different vendors. Mirai and IoTroop are well-known for spreading through IoT attacks, then propagating through scanning and subsequent infection from identified hosts.
Based on NTT Ltd.’s observations, Mirai and IoTroop lead in malware detections with more vulnerability scanning activity from these variants than any other family of malware. Many of these attacks are directly related to activity from botnets like Mirai and IoTroop, including the high levels of vulnerability scanning activity detected globally. IoTroop remains a particularly persistent threat, making up 87% of all botnet detections in Japan.
We’ve also seen a spike in IoT attacks specifically in the Americas ̶ a market that craves IoT but hasn’t evolved to secure it effectively.
Which industries are most at risk?
Organizations in the manufacturing industry are undergoing rapid digital transformation. The automation of almost all business processes, IoT deployments, and the increasing connectedness of the entire value chain, create agility but also raise cybersecurity risks and threat levels. There are many regulations governing the manufacturing subsectors, particularly manufacturing medical devices. In addition to medical device manufacturing, we expect to see a growing number of laws and regulations related to industrial IoT, which also influences this industry.
Weaponization of IoT attacks against technology also contributed to the technology becoming the most attacked industry globally in the last year.
Steps to success
How can you bolster your defenses against the re-emergence of IoT weaponization and ensure IoT security?
- As the digital world becomes more interconnected, build a holistic and integrated security ecosystem
Today, cybersecurity leaders’ jobs are made more difficult as the number of areas and ‘things’ that need to be secured is constantly increasing. Your infrastructure is no longer just physical, it’s cloud, and hybrid too. As you adopt IoT, there are many new kinds of devices and connections to secure. Patch management and vulnerability management shouldn’t be neglected.
- Secure interactions of all kinds
Your users, whether employees or customers, are connecting through various different networks. Each of these needs to be secured. Also, don’t forget to secure interactions with your partners and others in your supply chain.
Insights uncovered by our Guide
The evolution of governance, risk and IT compliance
How the regulatory landscape is constantly changing.
Threat actors are innovating
Re-emergence of IoT weaponization as devices continue to be compromised.
The importance of a cyber-resilience strategy
Continuously deliver the intended outcome, despite adverse cyberevents.