One in five of the survey respondents said their IoT devices were hit with ransomware attacks last year
More than 90 percent of IT security professionals predict that connected devices will be a major security issue this year as security programmes fail to keep pace with the ‘significant’ risks posed by the Internet of Things (IoT).
The findings of Boston-based security firm Pwnie Express’ third annual report, The Internet of Evil Things (IoET) also suggested that the risk was compounded as two-thirds of respondents weren’t certain how many devices are in their environment.
According to the research, IT pros understand the dangers facing their companies but don’t have the necessary solutions to address these new threats, including IoT malware, like Mirai.
In 2016, Mirai was used to arm hundreds of thousands of webcams to attack the Internet infrastructure company Dyn which resulted in a near shutdown of the internet for millions of US citizens trying to get to their favorite websites.
Some 84 per cent of those surveyed admitted that Mirai changed their perception about threats from IoT devices. Yet, more than 65 per cent said they either haven’t checked or don’t know how to check their connected devices for Mirai.
“Mirai demonstrated what the right malware could do if unleashed onto poorly configured or inadequately secured devices,” said Paul Paget, CEO of Pwnie Express.
“When you consider the exploding number of connected devices, many with poorly configured or no security and the fact that security teams can’t see these devices, it becomes clear that security programs need to shift spending to adapt more quickly.”
Key report findings include:
One in five of the survey respondents said their IoT devices were hit with ransomware attacks last year.
16 per cent of respondents say they experienced Man-in-the-middle attacks through IoT devices.
Devices continue to lend themselves to problematic configurations. The default network from common routers “linksys” and “Netgear” were two of the top 10 most common “open default” wireless SSID’s (named networks), and the hotspot network built-in for the configuration and setup of HP printers - “hpsetup”.
Pwnie Express surveyed more than 800 IT security professionals and used data gathered from a wide range of businesses across industries including financial services, hospitality, retail, manufacturing, professional services, technology, healthcare, energy and more, to develop the IoET report.
If you like this, you might be interested in reading the following:
UK government unveils national cyber security plan
Additional support is also pledged to industry and wider society through the government’s new National Cyber Security Centre
Smart city services cyber attack ‘likely’, says survey
A survey by Tripwire reveals that 88 per cent of state and local government IT professionals are concerned about cyber attacks targeting critical city infrastructure
Cyber resilience for smart cities
Cyber-security firm DarkMatter has launched what it claims is a first-of-its-kind citywide dashboard to predict and mitigate cyber threats