IoT Botnet Attacks on the Rise in 2020

The first half of 2020 saw an increase in attacks and threats directed at Operational Technology (OT) and Internet of Things (IoT) networks, especially from IoT botnets, according to a report from Nozomi Networks.

The factors that contributed to the increase in attacks include the sharp rise in IoT devices and connections, and the COVID-19 pandemic that’s sweeping the planet and keeping workers at home, and the ever-larger number of cybercriminals who now have access to or have developed increasingly more sophisticated tools.

The report looks at both OT and IoT devices because the two previously separated tech domains are starting to merge in some industries. Moreover, hackers are beginning to look at OT as a valid target, and it’s becoming increasingly clear that securing both OT and IoT devices is going to be a challenge.

“Mirroring this growth in devices, new and modified IoT botnet threats are one of the fastest growing categories of threats in the first half of 2020,” states the report.

“While the technical root causes are the same, the impact of an IoT botnet attack on consumer versus industrial devices is vastly different. An attack on a consumer gadget could be limited to a privacy issue, whereas the effect of a successful breach on a manufacturing device can have a significant production or safety cost.”

Some of the IoT botnets that continue to present a threat in 2020 include Dark Nexus (derived from Qbot and Mirai), Mukashi, LeetHozer, Hoaxcalls, and Mozi.m.

None of these could make an impact in 2020 if not for the ever-present problems in the IoT industry:  insecure deployment of IoT devices directly connected to the Internet, few or absent security updates for already-deployed IoT devices, and lack of visibility into IoT device security posture experienced by many asset owners.

Since the pandemic is still in full swing and the deployment of IoT devices continues on a steep upward climb, there’s no reason to believe that things will change for the better in the second half of the year.