Home News Symantec: IoT Devices Being Heavily Targeted by Hackers

Symantec: IoT Devices Being Heavily Targeted by Hackers


The IoT is a big target

In an increasingly connected world, the Internet of Things (IoT) is an increasingly utilized catch phrase. Hackers like the IoT, too.

The Internet of Things (IoT) can be loosely defined as the connectedness or internetworking of various devices. IoT devices include phones, buildings, vehicles, an ever-growing list of appliances, and much more. When thinking about how connected everyone and everything is here in 2016, the IoT is the central force.

A recent report from Internet security giant Symantec called attention to the IoT, but not to paint a rosy picture. Instead, Symantec pointed out how poor or nonexistent security on some IoT devices makes these devices easy targets for cyber attacks.

According to Symantec, malware exists on a growing number of IoT devices, and many device owners remain oblivious to this fact.

DDoS attacks

Symantec focused on one particular threat in detail — DDoS attacks originating from compromised IoT devices. Distributed Denial of Service (DDoS) is a type of cyber attack in which multiple devices at varied locations all become infected, usually with malware. This group of infected devices then acts as a single system that hits a target simultaneously, resulting in a Denial of Service (DoS).

Because of the nature of DDoS attacks — the more infected devices, the better — and due to poor overall security on the IoT, DDoS and IoT are a perfect match for hackers. The security firm expects many more cyber attacks originating from multiple IoT devices at the same time in the near future.

IoT: Convenience vs. security

Convenience is one main reason for the popularity of IoT devices. But nonexistence and/or low-level cybersecurity features on these devices opens the door to potential attacks.

Symantec offered up a series of tips for anyone considering purchasing and using a new IoT device. Tips include researching the device’s security capabilities, changing default, out-of-box credentials, and disabling when not in use. Read the full list.