IoT botnet DDoS attacks increased fivefold over the past year: Nokia report
A new report released by Nokia has found a significant surge in IoT botnet DDoS attacks targeting telecom network services as well as other critical infrastructure and services. The report, titled the Nokia Threat Intelligence Report, reveals that such attacks have increased fivefold over the past year, largely driven by profit-oriented hacking collectives and the escalating Russia-Ukraine conflict.
With the growing popularity of IoT devices worldwide, cybercriminals have capitalized on the opportunity to disrupt critical infrastructure and services. The number of IoT devices involved in botnet-driven DDoS attacks has soared from approximately 200,000 a year ago to around 1 million devices today. These compromised devices are responsible for over 40% of all DDoS traffic, according to the report.
The report identifies the most prevalent malware in telecommunication networks as a bot malware that specifically scans vulnerable IoT devices. This technique is commonly associated with various IoT botnets. Given the billions of IoT devices deployed globally, ranging from household appliances to medical sensors, the lax security measures implemented on these devices make them susceptible to exploitation.
In addition to the concerning rise in IoT botnet DDoS attacks, the Threat Intelligence Report also reveals an alarming trend in the proliferation of trojans - malicious software codes that masquerade as legitimate applications - targeting personal banking information on mobile devices. The number of such trojans has doubled to 9%, exposing millions of users worldwide to an increased risk of having their financial and credit card data compromised.
Despite these worrying trends, the report does highlight some positive developments. Malware infections in home networks have significantly decreased from their peak during the COVID-19 pandemic, dropping from 3% to 1.5%. The report attributes this decline to the diminishing number of malware campaigns targeting remote workers as more individuals transition back to office environments.
The Nokia Threat Intelligence Report draws insights from aggregated data collected through the monitoring of network traffic on over 200 million devices worldwide, utilizing Nokia's NetGuard Endpoint Security product. The report was compiled by experts from the Threat Intelligence Center in Canada, the Nokia Cyber Security Center in France, the Nokia Security Operations Center in India, and Nokia Deepfield, which specializes in network analytics and DDoS security.
As the threat landscape continues to evolve, the findings of this report emphasize the urgent need for robust security measures and heightened awareness among individuals and organizations to safeguard their IoT devices and networks from malicious activities.