DigitalCIO
No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
DigitalCIO
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
No Result
View All Result
Digitalcio
No Result
View All Result
Home News

Kaspersky Releases Overview Of IoT-related Threats In 2023

DigitalCIO Bureau by DigitalCIO Bureau
September 26, 2023
in News
0
Kaspersky Releases Overview Of IoT-related Threats In 2023
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Kaspersky has released a new report delving into the evolving threats targeting the Internet of Things (IoT) sector. The research uncovered a thriving underground economy on the dark web focused on IoT-related services, particularly for DDoS attacks.

With IoT devices, such as routers and smart home components, projected to exceed 29 billion by 2030, Kaspersky’s research offers critical insights into attack methods, dark web activities, and prevalent malware types.

Distributed Denial of Service (DDoS) attacks orchestrated through IoT botnets were found to be in high demand among hackers. In the first half of 2023, Kaspersky’s Digital Footprint Intelligence service analysts identified over 700 ads for DDoS attack services on various dark web forums.

The cost of these services varies depends on factors like DDoS protection, CAPTCHA, and JavaScript verification on the victim’s side, ranging from $20 per day to $10,000 per month. On average, the ads offered these services at $63.50 per day or $1,350 per month.

In addition, the dark web marketplace offers exploits for zero-day vulnerabilities in IoT devices, as well as IoT malware bundled with infrastructure and supporting utilities.

In the realm of IoT malware, a variety of families exist, with many originating from the 2016 Mirai malware. Fierce competition among cybercriminals has driven the development of features designed to thwart rival malware. These strategies include implementing firewall rules, disabling remote device management, and terminating processes linked to competing malware.

The primary method for infecting IoT devices continues to be through brute-forcing weak passwords, followed by exploiting vulnerabilities in network services. Brute-force attacks on devices are commonly directed at Telnet, a widely used unencrypted protocol. Hackers use this method to gain unauthorized access by cracking passwords, allowing them to execute arbitrary commands and malware. Although SSH, a more secure protocol, is also susceptible, it presents a greater resource challenge for attackers.

In the first half of 2023, Kaspersky’s honeypots recorded that 97.91% of password brute-force attempts focused on Telnet, with only 2.09% directed at SSH. These attacks were primarily focused on China, India, and the United States, while China, Pakistan, and Russia were the most active attackers.

Furthermore, IoT devices face vulnerabilities due to exploits in the services they use. These attacks often involve execution of malicious commands by exploiting vulnerabilities in IoT web interfaces, resulting in significant consequences, such as the spread of malware like Mirai.

“Kaspersky urges vendors to prioritize cybersecurity in both consumer and industrial IoT devices,” said Yaroslav Shmelev, a security expert at Kaspersky. “We believe that they must make changing default passwords on IoT devices mandatory and consistently release patches to fix vulnerabilities. In a nutshell, the IoT world is filled with cyber dangers, including DDoS attacks, ransomware, and security issues in both smart home and industrial devices. Kaspersky’s report stresses the need for a responsible approach to IoT security, obliging vendors to enhance product security from the get-go and proactively protect users.”

Types of IoT malware

IoT devices are susceptible to various types of malware, each serving distinct purposes:

1. DDoS Botnets: These malicious programs take control of IoT devices to launch Distributed Denial of Service (DDoS) attacks on a wide range of services.

2. Ransomware: Targeting IoT devices, particularly those containing user data like NAS boxes, ransomware encrypts files and demands ransoms for decryption.

3. Miners: Despite their limited processing power, some cybercriminals attempt to use IoT devices for cryptocurrency mining.

4. DNS Changers: Certain malware alters DNS settings on Wi-Fi routers, redirecting users to malicious websites.

5. Proxy Bots: Infected IoT devices are employed as proxy servers to reroute malicious traffic, making it difficult to trace and mitigate such attacks.

For more detailed information, please refer to Kaspersky’s full report on the IoT threat landscape for 2023 on Securelist.

To protect industrial and customer IoT devices, Kaspersky experts recommend:

    • Conduct regular security audits of OT systems to identify and eliminate possible vulnerabilities.
    • Use ICS network traffic monitoring, analysis and detection solutions for better protection from attacks potentially threatening technological process and main enterprise assets.
    • Make sure you protect industrial endpoints as well as corporate ones. Kaspersky Industrial CyberSecurity solution includes dedicated protection for endpoints and network monitoring to reveal any suspicious and potentially malicious activity in industrial network.
Tags: DDoSDistributed Denial of ServiceInternet of ThingsIoTKasperskyThreats
Share30Tweet19
DigitalCIO Bureau

DigitalCIO Bureau

Recommended For You

Rubrik Buys AI Startup Predibase

by DigitalCIO Bureau
June 27, 2025
0
AMD Acquires Open-Source AI Software Expert Nod.ai

Rubrik has announced that it has entered into an agreement to acquire Predibase, focused on accelerating the adoption of agentic AI from pilot to full-scale production. The combined...

Read moreDetails

Zithara was conceived as a highly modular platform; Co-founder-Varun Kashyap

by DigitalCIO Bureau
June 23, 2025
1
Zithara was conceived as a highly modular platform; Co-founder-Varun Kashyap

Our team works closely with clients to identify new revenue levers, optimize existing customer journeys, and continuously unlock incremental value. This outcome-driven partnership approach is what transforms us...

Read moreDetails

Freshworks Appoints Ian Tickle as Chief of Global Field Operations

by DigitalCIO Bureau
June 20, 2025
0
Freshworks Appoints Ian Tickle as Chief of Global Field Operations

Freshworks has announced the appointment of Ian Tickle as Chief of Global Field Operations (CGFO). Tickle, who has served in this capacity on an interim basis since April, while maintaining...

Read moreDetails

CFOs Must Evolve from Guardians to Catalysts: Gartner

by DigitalCIO Bureau
May 21, 2025
0
IBM & Mahindra Finance To Build Super App To Drive Financial Inclusion

CFOs need to reinvent their persona to address myriad new challenges faced by finance professionals, including tariffs, lost funding, and industry regulations, all while navigating large-scale transformations towards...

Read moreDetails

Tenable Uncovers ConfusedComposer Vulnerability In Google Cloud Platform

by DigitalCIO Bureau
April 24, 2025
0
Tenable Reveals Vulnerability dubbed ConfusedFunction in Google Cloud Platform

Tenable has uncovered a privilege escalation vulnerability in Google Cloud Composer (GCP) named ConfusedComposer. The vulnerability lets attackers with edit permissions in Cloud Composer to escalate privileges and...

Read moreDetails
Next Post
Majority Organizations View Ransomware as a Top-three Threat to the Viability of the Business

Majority Organizations View Ransomware as a Top-three Threat to the Viability of the Business

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

Businesses face digital ceiling in transformation progress: Infosys study

January 24, 2020
CEOs Lack Confidence in Their Organisations’ Ability to Protect Against Cyberattacks: Accenture

Half of Malware Detections for SMBs Are Keyloggers, Spyware and Stealers

March 16, 2024

Top AI Trends in 2020

January 2, 2020

Browse by Category

  • Acquisition
  • Appointment
  • Archive
  • Artificial Intelligence
  • CIO Interviews
  • Cloud
  • Datacenter
  • Events and Conferences
  • Market Insights
  • News
  • Opinion and Analysis
  • Products
  • Resources
  • Security
  • Storage
  • Tech News
  • Telecom
Digitalcio

Welcome to DigitalCIO, your ultimate source for staying ahead in the ever-evolving world of technology and business.

BROWSE BY TAG

Acquisition AI Appointment artificial intelligence Artificial Intelligence and Machine Learning AWS Barracuda Big Data and Analytics Blockchain CISCO Cloud Computing Cloudflare Commvault CrowdStrike Cybersecurity Digital Transformation Dynatrace E-books Fortinet Gartner GenAI Generative AI Google Cloud HCLTech Honeywell IBM Infographics Internet of Things (IoT) Kaspersky Microsoft Netskope NTT DATA Palo Alto Networks Panel Discussion Qlik Salesforce ServiceNow Sophos Tenable Trend Micro Veeam Veeam Software Webinars Whitepaper Zscaler

CATEGORIES

  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources
  • Archive

NAVIGATION

  • Home
  • About Us
  • Advertise with Us
  • Contact Us

© 2024 digitalcio.in - All rights reserved.

No Result
View All Result
  • Home
  • Tech News
  • Market Insights
  • CIO Interviews
  • Events and Conferences
  • Opinion and Analysis
  • Resources

© 2024 digitalcio.in - All rights reserved.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?