IT disaster recovery, cloud computing and information security news

Check Point Research notes a sharp increase in cyber attacks targeting IoT devices

Details

With the growing use of IoT devices there has been an increase in cyber attacks against these, using various exploitable vulnerabilities. In the first two months of 2023 there was an average of almost 60 attacks per organization per week targeting IoT devices: 41 percent higher than in 2022, and more than triple the number of attacks from two years ago.

These IoT devices attacked range from a variety of common IoT devices like routers, IP cameras, DVRs (digital video recorders) to NVRs (network video recorders), printers and more. IoT devices such as speakers and IP cameras have become increasingly common in remote work and learning environments, providing cybercriminals with a wealth of potential entry points.

One contributing factor to this increase is the rapid digital transformation that occurred in various sectors during the pandemic. This transformation, driven by the need for business continuity, often took place without proper consideration of security measures, leaving vulnerabilities in place, says Check Point Research.

Cybercriminals are aware that IoT devices are notoriously one of the most vulnerable parts in the networks, with most not properly secured or managed. With IoT devices like cameras and printers, its vulnerabilities and other such unmanaged devices can allow direct access and significant privacy violation, allowing attackers an initial foothold into corporate networks, before propagating inside the breached network.

How can organizations protect themselves against IoT attacks

With the increase reliance that organizations have on IoT devices for daily operations, it is crucial that they remain vigilant and proactive in securing these devices. Some steps that can be taken to improve IoT security include:

  • Purchasing IoT devices from reputable brands that prioritize security, implementing security measures inside the devices before distribution to market.
  • Practicing password complexity policies and using multi-factor authentication (MFA) when applicable.
  • Ensuring connected devices are updated with the latest software and maintaining good device health.
  • Enforcing zero-trust network access profiles for connected assets.
  • Separating networks for IT and IoT when possible.

More details.


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

The Hunt for Hidden Risks
The BIA Guide

Additional Resources

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.