SecureWorld News

Surge in Malicious IoT Botnet Activity Raises Cybersecurity Concerns

Written by Drew Todd | Tue | Jun 13, 2023 | 12:30 PM Z

In a digital landscape increasingly dependent on interconnected devices, the rise in malicious Internet of Things (IoT) botnet activity is becoming a significant cause for concern.

Recent findings from Nokia's Threat Intelligence Report 2023 reveal a sharp increase in such malicious activities, highlighting the need for strong cybersecurity measures.

Over the past year, IoT botnet Distributed Denial of Service (DDoS) attacks have skyrocketed, with the number of insecure IoT devices involved in botnet-driven attacks rising from approximately 200,000 to a staggering 1 million devices.

Cybercriminals are increasingly utilizing IoT botnets to disrupt telecom network services and critical infrastructure, making it a lucrative tool for profit-driven hacking collectives.

The chart below shows botnet attacks as a percentage of all DDoS attacks, Q2 2021 – Q2 2023:

The initial surge in IoT botnet activity coincided with the Russia-Ukraine conflict. However, this threat has since expanded globally, affecting various parts of the world.

The growing adoption of IoT devices by consumers worldwide has further fueled the increase in botnet-driven DDoS attacks, resulting in these attacks contributing to over 40% of all DDoS traffic today.

One of the primary concerns highlighted in the report is the prevalence of bot malware that scans for vulnerable devices. This tactic is commonly associated with a variety of IoT botnets, exploiting the lax security measures present in billions of IoT devices worldwide. From smart refrigerators to medical sensors and smartwatches, these devices pose a significant challenge due to their limited security protections.

Additionally, the Nokia report sheds light on the doubling of trojans targeting personal banking information on mobile devices. This alarming trend puts millions of users at an increased risk of having their personal financial and credit card information stolen. Trojans, often disguised as seemingly harmless software, deceive users into unwittingly compromising their sensitive data.

Hamdy Farid, Senior Vice President of Business Applications at Nokia, discussed the report: 

"The key findings in this report underline both the scale and sophistication of cybercriminal activity today. A single botnet DDoS attack can involve hundreds of thousands of IoT devices, representing a significant threat to networks globally.

To mitigate the risks, it's essential that service providers, vendors, and regulators work to develop more robust 5G network security measures, including implementing telco-centric threat detection and response, as well as robust security practices and awareness at all company levels."

While the report emphasizes the severity of these security threats, it does offer a glimmer of hope in another aspect. Home networks have witnessed a decline in malware infections, dropping from the peak of 3% during the COVID-19 pandemic to 1.5%. As the wave of at-home workers subsided and more individuals returned to office environments, malware campaigns targeting remote workers decreased accordingly.

As the world becomes increasingly connected, safeguarding IoT devices and networks from malicious attacks is paramount. Industry stakeholders must prioritize cybersecurity investments, focusing on innovative solutions that address vulnerabilities and protect users from the growing threats posed by malicious IoT botnets. 

Follow SecureWorld News for more stories related to cybersecurity.