1The Internet of Evil Things Being Fueled by Mirai Botnet
The Mirai botnet has helped to increase awareness of the risk of unmanaged and unmonitored IoT devices. That’s just one of the highlights of the Pwnie Express 2017 Internet of Evil Things report.
2Organizations Are on the Lookout for Mirai
More than half of the surveyed organizations have looked for potential Mirai-infected devices in their environments.
3What’s Attacking IoT Devices
When asked what types of attacks are impacting IoT devices, responses were mixed. Thirty-two percent said no attacks hit their IoT devices, while 20 percent said their devices were impacted by ransomware.
Problematic configurations are among the many reasons why IoT devices are a security risk. Many organizations do not rename wireless router access points, with “linksys” and “netgear” and “default” commonly showing up. In addition, 74 percent of survey respondents said they are “concerned” or “extremely concerned” about devices in a default, misconfigured or vulnerable state.
5WiFi Device Detection Is Not Pervasive
To be able to detect and block IoT threats, organizations need to be able to detect and monitor devices. The Pwnie Express survey found multiple gaps in organizations’ ability to continuously monitor and detect wireless devices, including Bluetooth and cellular devices.
6Beware of Mobile Phone Attacks
While relatively uncommon today, when asked to share their top device threat concerns for 2017, respondents to the Pwnie Express survey said they expect mobile phones will be the attack vector of the future.
7Many Organizations Are Prepared for IoT Threats
On a somewhat positive note, 48 percent of organizations said they are prepared, while 16 percent said they are very prepared to detect connected device threats.
8Organizations Have Budgets for Device Threat Detection
The key to getting a grip on IoT risks starts with monitoring and device threat detection. Thirty-nine percent of respondents said they have a budget in place for wireless device monitoring technology, and 40 percent plan on using some of their budgets on device threat detection technology.