Kaspersky prevents about 300,000 attacks on IoT devices in sub-Saharan Africa, provides safety tips for users

These attacks were altered on Kaspersky honeypots – decoy devices utilized to lure the attention of cybercriminals and analyze their activities.

IoT devices are wearables, smart home appliances, smart city systems, self-driving cars, automated retail checkouts, and other smart devices for home and business use. These devices transmit and transfer data through a wireless network without third-party interference. Cybercriminals use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions.

Attacks on IoT devices have increased over the years. This is proportional to the activity of criminal actors and the increasing number of IoT devices in use. Open research in 2020 revealed that 42,4 million IoT devices were operating in Sub-Saharan Africa, which is expected to reach 264 million by 2030. Cybercriminals are intensifying their attacks regarding the weak security of IoT devices.

A brute force attack uses trial-and-error to guess login and password info or encryption keys, with hackers working through all possible combinations to guess correctly. In the African region throughout 2022, there were over 93,000 attempts to infiltrate logins and passwords to IoT devices using only the most recognized combinations (examples are provided in the table below); the total number of brute force attempts is even higher.

He explained that IoT vendors should consider implementing the advanced generation cybersecurity approach in their products. That is, devices would feature innate, built-in protection that would make them Cyber Immune. Such technology is already available on the market, including offers from Kaspersky. An example of this offer is the Kaspersky IoT Secure Gateway system, designed to mediate a secured gateway for the “Internet of Things” on an enterprise network.

Observing the different IoT devices and their related cybersecurity risks, the need for their protection is indisputable, especially the smart cities or critical infrastructure. Moreover, basic measures can not be considered substantial for IoT protection, so specialised security solutions must be implemented.

Read More; 8.7% of African users experienced phishing attacks in 2022 -Kaspersky report

Kaspersky’s safety recommendation to its users

Here are ways users can keep their devices secured.

• Installation of updates for the firmware a customer uses as soon as possible. Once a vulnerability is found, it can be fixed through patches within updates.
• Periodical rebooting will hasten the elimination of already installed malware (although, in most cases, the risk of reinfection will remain).
• Changing the factory passwords at initial setup, using complex passwords of at least 8 characters long, including upper and lower-case letters, numerals, and special characters.
• Using a stable access policy, network segmentation and a zero-trust model. This will also help minimize the spread of infiltration and protect the most sensitive parts of the infrastructure.
• Using the IoT Security Maturity Model – an approach that helps companies evaluate all steps and levels they need to achieve sufficient IoT protection.
• Use a dedicated IoT gateway that ensures data transfer’s inbuilt security and reliability. For instance, Kaspersky IoT Secure Gateway is Cyber Immune, which means almost no attack can affect the gateway’s functions.
• Use Kaspersky Threat Intelligence to block network connections originating from malicious network addresses detected by security researchers.

Read More; Luno names new CEO as it prepares for public listing and enlarging its investment base