According to the AT&T Global State of Cybersecurity report, 35% of organizations report that IoT devices were the primary source of data breaches in the past 12 months and 68% of them expect IoT threats to increase in the coming year. While 90% of organizations have conducted enterprise-wide cyber risk assessments in the past year, just 50% have conducted risk assessments specific to IoT threats. Stephanie Weagle, VP at Corero Network Security commented below.
Stephanie Weagle, VP at Corero Network Security:
“The AT&T Global State of Cybersecurity report, indicating that only 50 percent of organizations had conducted risk assessments specific to IoT threats, is not surprising. The sheer number of connected devices is proving to be a challenge to IT and security teams. A decade ago we were worried about security and protection of computers and smartphones. Fast forward to today, and the number of devices that have to be considered are rapidly outpacing the patching, upgrades and overall management of the systems.
“Recent research published by Corero, indicates that organizations experienced an average of 237 DDoS attack attempts per month during Q3 2017 – equivalent to 8 DDoS attack attempts every day – as hackers strive to take their organizations offline or steal sensitive data.
“The data, which is based on DDoS attack attempts against Corero customers, represents a 35% increase in monthly attack attempts compared to the previous quarter (Q2 2017). Corero attributes this increase in frequency to the growing availability of DDoS-for-hire services, and the proliferation of unsecured Internet of Things (IoT) devices. For example, the ‘Reaper’ botnet is known to have already infected thousands of devices, and is believed to be particularly dangerous due to its ability to utilize known security flaws in the code of those insecure machines. Like a computer worm, it hacks in to IoT devices and then hunts for new devices to infect in order to spread itself further. Cyber criminals try to harness more and more Internet-connected devices to build ever larger botnets. The potential scale and power of IoT botnets has the ability to create Internet chaos and dire results for target victims.”