SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Nokia: Cyber attacks on internet-connected devices on the rise
Wed, 28th Oct 2020
FYI, this story is more than a year old

Cyberattacks on internet-connected devices continue to rise at an alarming rate due to poor security protections and cybercriminals' use of automated tools to exploit these vulnerabilities, according to the latest Nokia Threat Intelligence Report.

The report found that Internet-connected, or IoT, devices now make up roughly 33% of infected devices, up from about 16% in 2019. The reports findings are based on data aggregated from monitoring network traffic on more than 150 million devices globally where Nokia's NetGuard Endpoint Security product is deployed.

"The sweeping changes that are taking place in the 5G ecosystem, with even more 5G networks being deployed around the world as we move to 2021, open ample opportunities for malicious actors to take advantage of vulnerabilities in IoT devices," says Bhaskar Gorti, Nokia Software president and chief digital officer.

"This report reinforces not only the critical need for consumers and enterprises to step up their own cyber protection practices, but for IoT device producers to do the same," he says.

Adoption of IoT devices, from smart home security monitoring systems to drones and medical devices, is expected to continue growing as consumers and enterprises move to take advantage of the high bandwidth, ultra-low latency, and fundamentally new networking capabilities that 5G mobile networks enable, according to the report.

The rate of success in infecting IoT devices depends on the visibility of the devices to the internet, according to the report. In networks where devices are routinely assigned public facing internet IP addresses, a high infection rate is seen. In networks where carrier-grade Network Address Translation is used, the infection rate is considerably reduced because the vulnerable devices are not visible to network scanning.

The Threat Intelligence Report also reveals there is no let up in cybercriminals using the COVID-19 pandemic to try to steal personal data through a variety of types of malware.

One in particular is disguised as a Coronavirus Map application mimicking the legitimate and authoritative Coronavirus Map issued by Johns Hopkins University to take advantage of the publics demand for accurate information about COVID-19 infections, deaths and transmissions.

But the bogus application is used to plant malware on victims computers to exploit personal data. Cybercriminals are playing on peoples fears and are seeing this situation as an opportunity to promote their agendas, the report says.

The report urges the public to install applications only from trusted app stores, like Google and Apple.