The number of malware targeting the Internet of Things device has more than doubled in 2017.

Intelligent devices - such as smartwatch, smart TV, router or camera - are interconnected and create an increasingly widespread phenomenon of the Internet of Things, a network of devices equipped with embedded technology that allows them to interact with each other or with the external environment. Due to the large number and variety of devices Internet of Things has become an attractive target for cybercriminals. After breaking into them, criminals can spy on users, blackmail them, and even make them unconscious accomplices in crime. Worse, the network of infected devices (so-called botnets) - such as Mirai and Hajime - prove that the threat is growing.

Experts from Kaspersky Lab conducted a study on IoT malware to determine the severity of the situation. Researchers have set up traps (so-called honeypots) - artificial networks that simulate different Internet of Things devices (routers, networked cameras, etc.) - to observe attempts of malware attacks. They did not have to wait long: attacks with the use of known and unknown malware samples began almost immediately after launching the traps.


The number of attacks on the honeypots network from January to April 2017.

The most important conclusions from the study

  • Most of the attacks registered by Kaspersky Lab experts were digital video recording devices or IP cameras (63%), while 20% of cases were attacks on network devices, including routers, DSL modems, etc. About 1% of attacks were targeted at popular devices such as printers or smart home appliances.
  • The top three countries with the largest number of IoT devices attacked include China (17%), Vietnam (15%) and Russia (8%) - in each of them there is a huge number of infected machines. Brazil, Turkey and Taiwan followed - the share of each of these countries was 7%.
  • During the experiment, researchers collected information on more than seven thousand malware samples created specifically for hacking devices connected to the network.
  • According to experts, the reason for this growth is simple: Internet Reczy is fragile and exposed to attacks by cybercriminals. The vast majority of this type of equipment has a Linux-based operating system, which makes it easier to carry out attacks - knowing the target platform, criminals can create malicious code, which can be used to attack a huge number of devices at the same time.

The threat is important due to its huge range. According to industry experts, there are already more than 6 billion smart devices around the world. Most of them do not have any security solutions, and their manufacturers usually do not provide security updates or new software releases. That means there are millions of vulnerable devices - and maybe even devices that have already been infected.



Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.