THE Internet of Things (IoT) has become an integral part of our daily lives. However, with the growing use of IoT devices, there has been an increase in cyberattacks against these devices in recent years, using various exploitable vulnerabilities.
One contributing factor to this increase is the rapid digital transformation that occurred in various sectors, such as education and health care, during the pandemic. This transformation, driven by the need for business continuity, often took place without proper consideration of security measures, leaving vulnerabilities in place.
Cybercriminals are aware that IoT devices are notoriously one of the most vulnerable parts in the networks, with most not properly secured or managed. With IoT devices like cameras and printers, its vulnerabilities and other such unmanaged devices could allow direct access and significant privacy violation, allowing attackers an initial foothold into corporate networks, before propagating inside the breached network.
In the first two months of 2023, almost every week, on average 54 percent of organizations were targeted by these attack attempts, with an average of almost 60 attacks per organization per week targeting IoT devices — 41 percent higher than in 2022, and more than triple the number of attacks from two years ago. These IoT devices attacked range from a variety of common IoT devices like routers, IP cameras, DVRs (digital video recorders) to NVRs (network video recorders), printers and more. IoT devices such as speakers and IP cameras have become increasingly common in remote work and learning environments, providing cybercriminals with a wealth of potential entry points.
This trend was observed across all regions and sectors. Europe is the region currently suffering from the most attacks targeting IoT devices, with an average of almost 70 such attacks per organization every week, followed by APAC with 64, Latin America with 48, North America with 37 (and the largest increase from 2022, with 58 percent ), and Africa with 34 weekly IoT cyberattacks per organization.
The education and research sector is currently facing an unprecedented surge in attacks targeting IoT devices, with 131 weekly attacks per organization — more than twice the global average and a staggering 34 percent increase from the previous year. Other sectors are also witnessing a surge in attacks, with most sectors experiencing double-digit growth compared to 2022.
Prior reports by a leading global provider of cybersecurity solutions revealed that hackers prefer to target schools as "soft targets" due to the abundance of personal data stored on school networks, making both students and schools vulnerable. The shift to remote learning has significantly expanded the attack surface for cybercriminals, as the introduction of numerous unsecured IoT devices into school networks has made it easier for hackers to breach these systems. Additionally, the lack of investment in robust cybersecurity prevention and defense technologies by schools makes it even simpler for cybercriminals to carry out phishing attacks and deploy ransomware.
Top attacks
Continue reading with one of these options:
Ad-free access
P 80 per month
(billed annually at P 960)
- Unlimited ad-free access to website articles
- Limited offer: Subscribe today and get digital edition access for free (accessible with up to 3 devices)