Secure your IoT devices say security specialist Cyxtera Technologies, after research found that IoT devices are now under constant attack.
The research was conducted jointly by Cyxtera threat researcher Martin Ochoa and researchers from the Singapore University of Technology and Design.
They detected more than 150 million connection attempts to 4,642 distinct IP addresses of IoT devices. And it seems that most of the attacks are coming from China.
The findings in the “Detection of Threats to IoT Devices using Scalable VPN-forwarded Honeypots,” research makes for worrying reading for the IoT community.
“Attacks on Internet of Things (IoT) devices, exploiting inherent vulnerabilities, have intensified over the last few years,” warned the report. The researchers used honeypotted IoT devices, whose goal was to be “discovered and exploited by attacks on the Internet, thereby revealing unknown vulnerabilities.”
Over a couple of years, researchers detected more than 150 million connection attempts to 4,642 distinct IP addresses.
The vast majority of these “incoming connections” stemmed from China (64%), with 14% coming from the United States. The United Kingdom generated 9% of these connections, Israel (8%) and Slovakia (6%).
And the researchers said that all of their honeypot IoT devices saw attempted logins instantly upon coming online.
Within days of new malware campaigns going public, those malware families were used to attack IoT devices from the honeypot.
The researchers found that 54% of connections received by the honeypot were via Telnet port, while HTTP ports received almost all of the remaining connections.
And it seems that the attackers were mostly interested in IP cameras, with most of the attacks targetting those devices, but there were much smaller number of attacks on other devices such as smart switches and printers.
“IoT devices are an attractive target for attackers, because they are often a security after-thought and its harder to keep them patched and up-to-date – if patches are even available at all,” said Alejandro Correa Bahnsen, VP of Data Science at Cyxtera.
“The researchers involved in this project accurately detected several large-scale attacks targeting IoT devices and demonstrated the frequency and speed with which these devices are targeted. This approach can be replicated by other threat researchers to broaden our collective knowledge about these vulnerabilities.”
To help secure IoT devices, Cyxtera has added new functionality to its flagship Zero Trust solution, AppGate SDP.
Essentially, the new capabilities will extend “the benefits of network micro-segmentation and software-defined perimeter to connected IoT devices.”
“The AppGate SDP IoT Connector enables enterprises to enforce consistent access control policies across users, servers, and devices to protect today’s complex and distributed resources,” said the firm.
“The rapid adoption of IoT devices is outpacing the ability to secure them properly,” said Ricardo Villadiego, General Manager, Security & Anti-Fraud at Cyxtera. “These devices are connected to the same network as users, servers, and sensitive data, which creates risks for the network. AppGate SDP’s IoT Connector secures unmanaged devices, restricting lateral movement and reducing an organisation’s attack surfaces.”
This is a stark warning about the current state of IoT security or lack of, in today's smart connected world. Maybe it is not as smart as in needs to be.