Botnet traffic forcing a distributed denial of service (DDoS) on IoT networks, originating from insecure IoT devices, increased five-fold over the past year. This is the key finding from a new report on IoT cybersecurity vulnerabilities by Finnish vendor Nokia, plus others.
The report, called the Threat Intelligence Report, said the increase stems from more profit-driven hacking collectives and more consumer IoT gadgets, and coincides with Russia’s invasion of Ukraine in February last year. It said the number of compromised IoT devices (‘bots’) engaged in botnet-driven DDoS attacks has risen from around 200,000 a year ago to approximately one million devices.
These generate more than 40 percent of all DDoS traffic today, says the report, which was compiled by experts at the Threat Intelligence Center in Canada, the Nokia Cyber Security Center in France, the Nokia Security Operations Center in India, and Nokia Deepfield, a part of Nokia focusing on software applications covering network analytics and DDoS security. The report considered data from 200 million devices running Nokia’s NetGuard Endpoint Security product.
The attacks are being used to “disrupt telecom networks… [and] critical infrastructure”. A statement said: “The most common malware in telecommunication networks was found to be a bot-malware that scans for vulnerable devices, a tactic associated with a variety of IoT botnets… The report also found that the number of trojans, smuggling nefarious software code, targeting personal banking information in mobile devices has doubled to nine percent.”
The problem, in terms of the volume of attack vectors and the inherent security, is with consumer IoT devices; many “smart refrigerators, medical sensors, and smart watches” have “lax security protections”, the report concluded. At the same time, the report said malware infections in home networks halved in the period, from a Covid-high of three percent to 1.5 percent, closer to the pre-pandemic level of one percent – as people have returned to work.
Hamdy Farid, senior vice president of business applications at Nokia, said: “The key findings in this report underline both the scale and sophistication of cybercriminal activity today. A single botnet DDoS attack can involve hundreds of thousands of IoT devices, representing a significant threat to networks globally. To mitigate the risks, it’s essential that service providers, vendors, and regulators work to develop more robust 5G network security measures, including implementing telco-centric threat detection and response, as well as robust security practices and awareness at all company levels.”
