Rapidly multiplying IoT cyber attacks use well-known weaknesses

Devices that make up the internet of things (IoT) may be relatively new, but the growing number of cyber attacks targeting these devices still rely on well-known and predictable security weaknesses, say security researchers. Data collected and analysed by researchers at security firm F-Secure shows that the number of IoT threats doubled in 2018, growing from 19 to 38 in the space of a single year. But most exploit things such as unpatched software, weak or default passwords, or a combination of the two, which make up 87% of observed threats, according to a report by researchers at F-Secure Labs. “History may remember 2018 as the turning point,” the report said. Tom Gaffney, F-Secure operator consultant, said although the larger device suppliers are paying more attention to security than in the past, a lot of devices from many different manufacturers still do not offer consumers much in the way of security or privacy.