ESPOO, Finland -- The use of malicious software to attack IoT devices like smart home security monitoring systems is rising substantially and growing more sophisticated as cyber criminals take advantage of lax security, Nokia's Threat Intelligence Report 2019 warned on Tuesday.
Driven by financial and other nefarious purposes, IoT botnet activity accounted for 78% of malware detection events in communication service provider (CSP) networks in 2018, according to the report, which is based on data aggregated from monitoring network traffic this year on more than 150 million devices globally where Nokia's NetGuard Endpoint Security product is deployed.
That is up sharply from 33% in 2016, when IoT botnets were first seen in meaningful numbers. A botnet is a system of computers that can be infected with malicious software and controlled by a single computer for doing things like stealing bank account information and shuttering web sites.
"Cyber criminals are switching gears from the traditional computer and smartphone ecosystems and now targeting the growing number of vulnerable IoT devices that are being deployed. You have thousands of IoT device manufacturers wanting to move product fast to market and, unfortunately, security is often an afterthought," said Kevin McNamee, director of Nokia's Threat Intelligence Lab and lead author of the report. In 2018, IoT bots made up 16% of infected devices in CSP networks, up significantly from the 3.5% observed in 2017.
As an indicator of the rising threat, the report found that malware-infected crypto-coin mining is expanding from high-end servers with specialized processors to IoT devices as well as smartphones and web browsers. Crypto-coin mining is generally the process by which crypto currency transactions are verified and added to blockchain technology systems.
Also explaining some of the rise in IoT device malware infection rates is the fact that attacks on mobile and fixed networks in 2018 decreased from previous years. This is a result not only of cyber criminals looking further afield for softer targets, like IoT devices, but of better-protected networks, platforms and mobile devices that are designed and built with security in mind.
Nokia Corp. (NYSE: NOK)