The adoption of IoT devices by users across the world has been directly proportional to the interest of cybercriminals in it. The attacks on IoT devices are growing by the day and attackers are trying to find new ways to exploit the smart devices.
Recent Attack on IoT Devices
- Sierra Wireless, a manufacturer of IoT and networking devices suffered a ransomware attack and had to stop their production post the attack since their internal operations were disrupted.
- A group of hackers in the month of March breached around 150,000 IoT security cameras located inside hospitals, police departments, prisons, schools, and private organizations.
- Adult toys were exposed to a wave of cyberattacks after some common weaknesses were exposed, as researchers successfully created proof-of-concept exploits affecting We-Vibe Jive and Max by Lovense smart toys.
Due to the exploitable vulnerabilities that exist in the firmware of the IoT devices, they become major targets for hackers and threat actors.
- In the Smart Air Fryer two remote code execution vulnerabilities (CVE-2020-28592 and CVE-2020-28593) were discovered by researchers.
- According to new research, due to a lack of transparency in IoT supply chains and the use of open-source code at least 100 million IoT devices are not secure and vulnerable to attacks.
- Recently, communications protocols used in IoT devices were affected due to nine vulnerabilities.
Fight on the legal front
A cybersecurity law was recently proposed by the UK government recently to address device security issues.
- The suppliers need to indicate the duration till when their products would receive security updates and patches according to the newly planned legislation ensuring the move is executed at the point of sale.
- The use of universally default password presets, is banned by the same legislation forcing them to make vulnerability reporting easier by providing public contact information.
the importance of security risks associated with smart devices needs to be realized by users and organizations across the world. Our internal experts recommend assessing each device’s security and invest in solutions that integrate IoT security to protect the network, data center, endpoint, mobile, and cloud.
To read more, please check eScan Blog
