Why Do Cyber Attackers Love Attacking IoT Devices?
IoT attacks are growing significantly faster than mainstream attacks.
Kaspersky Industrial Control Systems Cyber Emergency Response Team (Kaspersky ICS CERT) found that in the second half of 2022, 34.3% of the servers in the industrial sector worldwide were subjected to cyber attacks. In the first half of 2021 alone, cyber attacks on IoT devices reached 1.5 billion, and more than 40% of OT systems were attacked.
In a recently published report titled “The State of IoT Security 2023,” research firm Forrester explained some of the factors that make cyber attackers like to attack IoT devices.

Cyber threat researchers at SonicWall Capture Labs documented 112.3 million instances of IoT malware attacks in 2022, an 87% increase compared to 2021.
Ritesh Agrawal, CEO of Airgap Networks, a provider of global security isolation and information exchange systems, pointed out that while IoT endpoints may not be business-critical points, they can be easily compromised and used to spread malware directly to the enterprise's most valuable systems and data. He recommends that enterprises stick to the basics of cybersecurity (discovery, segmentation and identification) for each IoT endpoint.
In a recent interview with industry media, Agrawal advised companies to look for solutions that don’t require mandatory upgrades and don’t break IoT networks during deployment. Those were two of a number of cybersecurity design goals he and his co-founders identified when they founded Airgap Networks.
IoT devices adopted in manufacturing become high-value targets
IoT devices are subject to cyberattacks because they are easy targets, and in an industry where uptime is critical to survival, they can quickly lead to massive ransomware attacks.
Manufacturing has been hit especially hard, as cyber attackers know no single factory can afford a prolonged shutdown, so they demand ransoms two to four times higher than other targets. 61% of intrusion attempts and 23% of ransomware attacks primarily targeted OT systems.
Research firm Forrester examines why IoT devices are such high-value targets and how they can be used to launch broader, more destructive cyberattacks across enterprises. They identified the following four key factors:
(1) The design of IoT devices has security blind spots
Most traditional IoT devices installed today were not designed with security as a priority. Many lack the option to flash firmware or load a new software agent. Despite these limitations, there are still effective ways to secure IoT endpoints.
Security measures start by covering blind spots in IoT sensors and networks. Shivan Mandalam, director of product management for IoT security at CrowdStrike, said in a recent interview, “Enterprises must eliminate blind spots associated with unmanaged or unsupported legacy systems. As visibility and analytics capabilities for IT and OT systems increase, security teams can quickly identify and resolve issues before adversaries exploit them.”
Leading cybersecurity vendors currently using IoT security systems and platforms include Airgap Networks, Absolute Software, Armis, Broadcom, Cisco, CradlePoint, CrowdStrike, Entrust, Forescout, Fortinet, Ivanti, JFrog, and Rapid7. At Fal.Con 2022, CrowdStrike introduced enhanced Falcon Insight, including Falcon Insight XDR and Falcon Discover for IoT, aimed at bridging security gaps within and between industrial control systems (ICS).
(2) Long-term use of default administrative passwords (including credentials) is common
It is common for manufacturers with weak cybersecurity to use default administrative passwords on IoT sensors. They often use default settings because the manufacturing IT team doesn’t have the time to set up every detail, or doesn’t realize that the option to do so exists. According to Forrester, this is because many IoT devices do not require users to set new passwords upon initialization, nor do companies enforce the setting of new passwords. Forrester also notes that administrative credentials typically cannot be changed in older devices.
As a result, CISOs, security teams, risk management professionals and IT teams have old and new devices with known credentials on their networks.
Leading vendors offering cybersecurity solutions to improve IoT endpoint security at the password and identity level include Armis, Broadcom, Cisco, CradlePoint, CrowdStrike, Entrust, Forescout, Fortinet, Ivanti, and JFrog.
Ivanti Corporation is a leader in this field, having successfully developed and launched four IoT security solutions: Ivanti Neurons for RBVM, Ivanti Neurons for UEM, Ivanti Neurons for Healthcare for the Internet of Medical Things (IoMT), and, based on the company’s acquisition of Wavelink, Ivanti Neurons for securing the Industrial Internet of Things.
Dr. Srinivas Mukkamala, Chief Product Officer of Ivanti, explained in a recent interview with industry media: “IoT devices are becoming a popular target for cyber attackers. According to a survey report released by IBM, IoT attacks will account for more than 12 percent of malware attacks, up from 1 percent in 2019. To address this, businesses must implement a unified endpoint management (UEM) solution that can discover all assets on the corporate network, even the Wi-Fi-connected toaster in the enterprise’s break room.”
“The combination of unified endpoint management (UEM) and risk-based vulnerability management solutions is critical to enable seamless, proactive risk response to remediate vulnerabilities across all devices and operating systems in an enterprise environment,” Mukkamala said.
(3) Virtually all healthcare, service and manufacturing businesses rely on traditional IoT sensors
From hospital departments and wards to workshops, traditional IoT sensors are the backbone for these businesses to capture the real-time data they need to operate. Both industries, healthcare and services, are high-value targets for cyber attackers aiming to compromise the IoT to initiate lateral movement across the network. 73% of IoT-based IV pumps are hackable, as are 50% of IP voice systems. Overall, 50% of connected devices in a traditional hospital are currently at serious risk.
One of the main reasons for these vulnerabilities, according to Forrester, is that the devices are running unsupported operating systems that cannot be secured or updated. This increases the risk of “bricking” an IoT device if a cyber attacker compromises it and it cannot be patched.
(4) The problem with IoT is the Internet, not the technology
Forrester has observed that IoT devices become an immediate security risk as soon as they are connected to the internet.
A cybersecurity vendor, speaking on condition of anonymity, said in an interview that one of its largest customers has been scanning the network to resolve IP addresses originating from outside the company.
The IP address came from a surveillance camera in the front lobby of a manufacturing plant. Cyber attackers have been monitoring people coming and going, trying to infiltrate workers on the job and plant their sensors on the plant’s network.
No doubt, Forrester has observed that IoT devices have become conduits for command-and-control attacks, or botnets, as in the well-known Mirai botnet attack.
What is it like to be attacked through the Internet of Things?
Some manufacturers say they are unsure how to secure traditional IoT devices and their programmable logic controllers (PLCs). PLCs provide the real-time data flow needed to run businesses.
IoT devices and PLCs are designed for ease of integration rather than cybersecurity, making it difficult for any manufacturer without dedicated IT and security staff to keep them secure.
A Midwest-based auto parts maker has suffered a massive ransomware attack that targeted the company’s unprotected Internet of Things sensors and cameras on its network.
Using a variant of the R4IoT ransomware, the cyber attackers initially infiltrated the company’s IoT devices, video surveillance systems and the programmable logic controllers (PLCs) used to automate HVAC, electrical and mechanical preventive maintenance.
After compromising the corporate network, the cyber attackers moved laterally, hunting for Windows-based systems and infecting them with ransomware. The cyber attackers also gained administrator privileges and disabled Windows Firewall and third-party firewalls before installing the R4IoT executable onto the machines over the network.
The attack made it impossible for the manufacturer to monitor parameters such as heat, pressure, health and cycle times of the machines, and also froze and encrypted all data files, making them unusable.
To make matters worse, the cyber attackers threatened the company with publishing all of the company’s pricing, customer and production data on the dark web within 24 hours if the ransom was not paid.
The manufacturer had no choice but to pay the ransom, and its cybersecurity staff were at a loss as to how to respond to the cyberattack.
Cyber attackers know that many other manufacturers have no dedicated cybersecurity and IT teams to deal with this threat and do not know how to deal with it.
That’s why manufacturing remains the hardest hit industry. In short, IoT devices have become the threat vector of choice because they are left unprotected.
“The Internet of Things puts a lot of pressure on enterprise security maturity,” Agrawal said. “Extending zero trust to IoT is difficult because the endpoints vary and the environment is dynamic and full of legacy devices.” Asked how manufacturers and other high-risk industry targets are getting started with security, Agrawal suggested: “Accurate asset discovery, segmentation and identification are still the right answer, but in an environment where most IoT devices cannot accept agents, how do you deploy them alongside traditional solutions? That’s why many enterprises are adopting agentless network security like Airgap as the only viable architecture for IoT.”