In the first half of 2019, according to a new F-Secure report, cybercriminals have increased the intensity of attacks on both the Internet of Things and SMEs.
The company's "Attack Landscape H1 2019" report highlighted the threat that unsecured IoT devices can bring to businesses and consumers, as well as the continuing popularity of Eternal Blue and similar exploits two years after the release of WannaCry ransomware around the world.
F-Secure uses so-called honeypots to attract attackers to gather information about their activities. This year, the number of IoT and SMB-related attacks has increased twelve-fold compared to the same period last year. This increase was due to traffic targeting the Telnet and UPnP protocols used by IoT devices as well as the SMB protocol used by the Eternal family of exploits to propagate ransomware and banking Trojans.
Telnet, UPnP and SMB traffic
The largest share of traffic in the first half of 2019 was led by Telnet with over 760 million reported attack events, or about 26 percent of traffic. UPnP was the second most frequent with 611 m attacks, followed by SSH [SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH = SSH =
IoT devices that have been infected with malware such as Mirai are likely sources of this traffic because Mirai was the most common malware family observed by F-Secure honeypots. Mirai targets and infects routers, security cameras, and other IoT devices that use the factory default credentials.
F-Secure also found that traffic to SMB port 445 was 556 million attacks. The high level of SMB traffic shows that the Eternal family of exploits used for the first time at the outbreak of WannaCry ransomware in 2017 is still used by cybercriminals seeking to attack millions of unpatched computers.
Jarno Niemal, senior researcher at F-Secure, gave further insights into the report's findings and said:
"Three years after Mirai's first appearance and two years after WannaCry, it's clear that we still have not solved the problems associated with these outbreaks – first, the IoT's uncertainty is growing as more and more devices appear and then be integrated into botnets, and the activity on SMB shows that there are still too many machines that are not patched. "
The price written on this page is true as the time it is written. It may change at any moment.