2023 began with an increased focus by cybercriminals on attacks against the Internet of Things (or Internet of Things — IoT). Scams against devices of this type increased by 41% between January and February of this year, with more than half of organizations worldwide reporting at least one incident of this type each week.
The numbers are from Check Point Research, the threat intelligence division of the cybersecurity company, which place Latin America as the third most affected territory. Our region was behind Europe and Asia-Pacific in this ranking, with around 48 weekly occurrences registered per organization, against 70 and 64 of the first two places.
On a global average, there are about 60 attacks recorded every week in each company with such devices, with 54% of all connected organizations being potential victims each period. The values also represent triple the number of strikes that were recorded in 2021; as much as the data has changed, the most targeted devices continue to be routers, IP cameras, digital video recorders and printers.
According to Check Point, this growth is still a reflection of the digital transformation caused by the covid-19 pandemic. While there has been a shift towards home office or hybrid work regimes, the need for companies to remain always connected has led to a greater adoption of Internet of Things devices, which are not always protected as they should and represent a known gateway for cybercriminals, with an eye on personal data and access to networks to detonate other types of attacks.
However, the movement is already starting to have its favorites, with the education and research sector concentrating 131 weekly attacks per organization, more than double the global average and with an increase of 35% compared to last year. internet, with 101 hits, and integrators and distributors with 99.
Again, schools are considered easy targets and open up the possibility of obtaining a good amount of sensitive data, while remote teaching has expanded the attack surface. In all cases, there is also a lack of investment in robust security, as phishing scams, ransomware attacks and online scans remain effective against connected networks.
Therefore, Check Point recommends the adoption of urgent measures for protection, such as updating IoT devices and replacing obsolete ones that are no longer supported by their manufacturers. Password complexity policies, network monitoring, and access with verification and zero trust are also important to keep a close eye on possible movements or elements that may indicate an attack.
