According to the latest report from Check Point, IoT attacks have more than doubled in the last two months, hitting almost half of the global organizations.
Check Point publishes monthly lists including Most Wanted Malware, Most Wanted Mobile Malware, and Most Exploited Vulnerabilities, all coming from Check Point’s ThreatCloud database, analyzing more than 250 million addresses, over 11 million malware signatures, and more than 5.5 million infected websites.
According to the report, three IoT vulnerabilities managed to sneak their way into top 10 Most Exploited Vulnerabilities, including MVPower DVR router Remote Code Execution, D_Link DSL-2750B router Remote Command Execution, and Dasan GPON router Authentication Bypass.
What makes the report even more serious is the fact that 45 percent of worldwide organizations were hit with these vulnerabilities. These vulnerabilities all allow attackers to execute malicious code and get remote access to targeted devices. This is a quite a worrisome statistics considering that in May and June, the percentage was at 21 and 35 percent, respectively.
“IoT vulnerabilities in particular are often ‘the path of least resistance,’ as once one device is compromised it can be straightforward to infiltrate further connected devices,” said Maya Horowitz, Threat Intelligence Group Manager at Check Point. She also added that it is vital that organizations apply patches to known vulnerabilities in order to stop the noticed rise in IoT attacks.
While these three vulnerabilities are on the rise, cryptomining malware is still higher in the list, with Coinhive holding the first place, Cryptoloot following closely and Dorkbot holding a strong third place.
Cryptomining malware, as well as IoT security, have become big issues in network security and with the rise of connected devices, and with the cryptocurrency still holding, there won’t be a sign of weakening any time soon.