The need to deploy secure, private wireless networks has perhaps never been greater as the amount of malware detected in Internet of Things (IoT) devices has gone up in the past quarter of 2022, according to intelligence agency SonicWall’s recent Cyber Threat Report. Additionally, the amount of new malware variants also increased by 22 percent, year-over-year, Tech Monitor reports.
Many of these hacks are financially motivated, according to SonicWall. Ransomware groups steal data and ask for millions of dollars to return it. Now that businesses and government agencies aren’t as quick to pay ransoms, hackers are asking for cryptocurrency instead. Groups also target trading banks and trading houses so they run “cryptojacking” software on their computers. This practice involves hackers taking over an Internet-connected device from a desktop to IoT device with compute power, to mine for cryptocurrency.
There’s been a 377-percent increase on these types of attacks in the Europe and Asia regions, according to SonicWall’s report. These attacks in general increased 35 percent around the world year-over-year.
“Being a security professional has never been more difficult,” said SonicWall President and CEO Bob VanKirk. “The cyber warfare battlefront continues to shift, posing dangerous threats to organizations of all sizes. With expanding attack surfaces, growing numbers of threats and the current geo-political landscape, it should be no surprise that even the most seasoned IT professional can feel overwhelmed. Armed with the latest cybersecurity tools, SonicWall partners can play a vital role in helping customers stay secure in even the most dynamic threat environments.”
As more smart devices enter the digital arena, the need for IoT security only gets greater. Part of the issue is IoT devices have a number of ways to connect to a network — leaving different points for hackers to exploit. IoT malware increased 92 percent globally, with a 200-percent jump in North America.
“With over 1.4 million endpoints collecting data around the globe, SonicWall has more data to uncover emerging threat trends and provide a true depiction of what is happening in the cyber threat landscape,” Solutions Granted (SGI) CEO Michael Crean said in a statement. “They say knowledge is power and SonicWall’s proprietary data helps SGI stay informed, which in turn helps us educate our customer base. Leveraging SonicWall’s research helps SGI create actionable steps to help us keep our customers safer!”
Why IoT devices are so vulnerable to hackers
One reason cyberattacks are on the rise is because it’s easier to perform them, according to a SonicWall spokesperson. “With Ransomware-as-a-Service (RaaS) offerings, even less technical cybercriminals can purchase ransomware kits on the dark web and target organizations with minimal experience,” they said.
SonicWall emerging threat expert Immanuel Chavoya also noted that ransomware continues to evolve and criminals are getting smarter “in the development of evolutionary strains and more targeted in their assaults.”
With IoT in particular, a lot of devices still have default passwords, making them that much easier to hack. “IoT devices pose numerous challenges to both IT and security teams, often because they are not introduced to a network through normal IT Operations, creating a shadow IoT infrastructure that does not receive updates and could be invisible to security teams,” VanKirk told Tech Monitor. “In addition, IoT devices can feature thousands of vulnerabilities, or even default credentials, creating a very low-hanging branch for threat actors to get a foothold in your network. This poses numerous risks to organizations, ranging from cryptojacking to a full breach as seen in the 2013 Target incident.”
Keeping a wireless network secure
Hackers aren’t going anywhere, but that doesn’t mean companies have to make it easy for them to access their private data. Businesses need to look at the threats to their specific industries, according to VanKirk. Doing so will help their IT team create tools that can help prevent their networks from being exploited and decrease the chances of a “full-blown breach” if their system was ever compromised.
VanKirk also suggested enterprises manage their attack surface better, Tech Monitor reports. The surface includes three layers—human, network and application. The human layer is most vulnerable to social engineering, network to misconfiguration and application to supply chain attacks.
“CISOs must find out how they can best act on that intelligence with breach and attack simulations,” he said. “This will help the organization understand whether the detection visibility at hand aligns with the threat model they have previously discovered and provide an opportunity to track gaps to closure. Put together, these action sequences will result in a maturing of their security program.”