Skip to main content
banner image
venafi logo

Cyber Attacks on IoT Devices Are Growing at Alarming Rates [Encryption Digest 64]

Cyber Attacks on IoT Devices Are Growing at Alarming Rates [Encryption Digest 64]

August 6, 2021 | Alexa Hernandez

Venafi recently shared Zscaler’s report on the rising instances of encrypted attacks, increasing at a stunning rate of 260% in 2020, but the story doesn’t end there. Zscaler is now confirming that attacks on internet of things (IoT) devices have increased an astonishing 700% since 2019.

With the world of IoT devices expanding so rapidly, it is vital to ensure the devices you are trusting with personal information are trustworthy and secure. For example, do you know if your dash cam is safe from criminals tracking your daily activity? You may be surprised to learn which well-known brands aren’t protecting IoT devices! 

Take Control of Your Machine Identities!

Which IoT devices are most likely to come under attack by cybercriminals?

Internet of things, or IoT, devices can refer to the rapidly growing number of physical devices capable of connecting to the internet. Embedded with sensors and software capable of collecting and sharing data online, IoT devices are invaluable in enhancing productivity and improve a vast number of processes across all industries. Unfortunately, the nature of IoT devices’ connectivity does leave room for malicious actors to take advantage, particularly due to these top 10 vulnerabilities that make IoT devices insecure.

Zscaler conducted an experiment on select IoT devices to determine how much of the incoming traffic was malicious, and in just a two-week period they blocked 300,000 malware-related transactions. In addition to this massive increase, Zscaler also found that out of 900 payload deliveries to 18,000 unique hosts, nearly all of them belonged to either the Gafgyt or Mirai botnets.

As of 2021 only 24% of IoT devices utilize encryption when transmitting data, leaving a staggering 76% of IoT devices completely exposed. The most frequent devices to come under attack were CCTVs and digital video recorders, which can include home and car automation devices.

Your dash cam data encryption isn’t as secure as you thought

Have you ever considered how intimate a part of your life your dash cam is? It’s intended to simply record the road ahead of your car to provide evidence in cases of collisions or reckless driving incidents, but the connection to you goes far deeper. Your dashcam travels with you to your home, your job, your loved ones’ homes, and is a reliable source of your daily schedule. Can you imagine that much personal information in the hands of a criminal that could negatively impact you?

In this context, one would expect that a source of such sensitive and potentially harmful data would be protected with ironclad security. It turns out, this is not the case at all. A study of nine major brands, including Garmin, revealed that not one of them took encryption or cyber security seriously enough. Most dash cams have a smartphone app that connects to the camera via Wi-Fi that allows you to playback the footage on a smartphone, and this connection was unnervingly easy to access by fake “hackers” hired to test out the defenses. 

Brands including Garmin, Halfords, Road Angel, Transcend and others use default passwords that are simple to exploit depending on that password’s strength, and that default password is the end of the protection. Any hacker that can guess or crack this password could have full access to that user’s dashcam. 

While there are no legal security standards in place for these types of devices, it is the responsibility of brands to provide encryption for these IoT devices.

Related Posts

Like this blog? We think you will love this.
Featured Blog

With Rapid Rise in Funds Stolen from DeFi Protocols, Private Keys in Play

Massive heist begins with

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Alexa Hernandez
Alexa Hernandez

Alexa is the Web Marketing Specialist at Venafi.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more