Malware targeted at Internet of Things (IoT) devices was one of the fastest-growing cyber security risks in the third quarter of 2018, according to new research.
McAfee's latest Threat Report found that more than 45,000 new cases of IoT malware were recorded between July and September this year, compared with fewer than 25,000 for the same period 12 months earlier.
These cover a wide range of smart devices, from routers to connected security cameras, with these threats generally targeted at gadgets running Linux systems.
Such devices typically have much weaker security protections than servers or PCs, so can be a useful backdoor into a business. McAfee noted that one increasingly popular goal for hackers is to turn these devices into crytominers, siphoning off their processing power in order to generate cryptocurrencies.
Traditionally, IoT devices have not been thought of as useful for these tasks due to their lack of processing power compared with desktop or laptop PCs.
"However, due to the lack of proper security controls, cybercriminals can benefit from volume over CPU speed," McAfee stated. "If they can control thousands of devices that mine for a long time, they can still make money."
Elsewhere, the report also revealed that new mobile malware declined by 24 per cent in the third quarter of the year, though threats such as fake apps remain a dangerous threat.
For example, McAfee highlighted one such piece of malware that targeted members of the Israel Defense Forces by installing fake dating apps to infect their devices. The fake app then exfiltrated data including location and contact lists, while also listening to phone calls and using the camera.
Commenting on the report, Christiaan Beek, lead scientist at McAfee, said that cyber criminals remain keen to take advantage of vulnerabilities both old and new, while easier access to tools for purchase on the dark web has greatly increased the effectiveness of many attacks.
"As long as ransoms are paid and relatively easy attacks, such as phishing campaigns, are successful, bad actors will continue to use these techniques," he continued.
Share This Post, Choose Your Platform!
With over 20 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.