Report reveals Singapore is one of the top five IoT attack destinations globally

The latest installment of F5’s The Hunt for IoT series, The Growth and Evolution of Thingbots Ensures Chaos, found that Singapore is in the top five destinations globally for IoT attacks. 

With 8.4 billion devices currently in use, and over 30 billion devices projected to be deployed by 2020, unprotected devices are a goldmine for hackers, as they find new ways to exploit numerous protocols beyond telnet (an underlying TCP/IP protocol for accessing remote computers) to ensure they capture as many vulnerable IoT devices as possible. Thingbots are botnets compromising of infected IoT devices which are typically unmanaged, providing a low likelihood of being discovered by their owner and remediated.

              

Concentration of Persirai infected devices continue to increase even after discovery as

seen from June to December 2017 – with growth in China, South Korea and Japan

Thingbots are capable of globally destructive attacks, and the worrying fact is that the security industry has only started discovering them with increasing frequency. Massive, well known thingbots such as Mirai and Persirai have been wreaking havoc around the world, and show no signs of slowing down. A new variant of the notorious Mirai malware is exploiting kit with ARC processors. Dubbed the Okiru, is the first capable of infecting devices powered by ARC CPUs which is responsible for running a variety of internet-connected products including cars, mobiles, TVs, cameras and more. In fact, despite broad awareness of their existence and threat, it is reported that Persirai infected IP cameras still exist all across Asia with the heaviest concentrations in Thailand, China, South Korea, Japan, Taiwan and Malaysia. There is even a website that collects the streaming footage from over 73,000 hacked IP cameras worldwide. These live footages ranges from parking lots and store surveillance to the bedrooms of unknown individuals.

While China, the US and Russia are clearly the top three attacking countries, the report suggests that because vulnerable IoT devices are deployed globally without bias, there is no standout IoT attack destination. However, from August to December 2017, the most attacked countries were the U.S., Singapore, Spain, and Hungary—possibly due to the high IoT device penetration rate in these nations.

As seen from countless thingbots hacking incidents that have taken place in the past five years, both public and private entities have much to lose from the hackings. From the spying of households through baby monitoring cameras to the complete takeover of smart cars remotely, IoT hacking has the potential to cause privacy loss and even deaths.

As Southeast Asia emerges as a global growth leader with some of the world’s fastest expanding economies,  it is crucial that businesses protect themselves to continue this progression. The list of top 15 thingbots attacks above is not exhaustive but it has every potential at crippling businesses and most importantly, discredit the integrity of an organization. As such, the onus is upon every business owner to ensure that they provide a safe and secure global cyberspace for their customers—basic digital hygiene that every individual and business owners should diligently practice:

In addition, other notable highlights from The Hunt for IoT – The Growth and Evolution of Thingbots Ensures Chaos report include:

Threat Analysis: The Hunt for IoT – The Growth and Evolution of Thingbots Ensures Chaos is the fourth volume of F5 Networks’ IoT reports, following the third volume Threat Analysis: The Hunt for IoT – The Rise of Thingbots. The APCJ focused report is available for download here.