“Evolution of IoT Attacks” Study Exposes the Arms Race Between Cybercriminals and Cybersecurity

Published: 01 Jun 2020

The number of devices connected to the internet is expected to reach 50 billion worldwide by the end of 2030 (1), posing dangerous risks to people, businesses, and critical systems. To illustrate the divide between cyberattacks on these devices and business preparedness, Sectigo, a leading provider of automated digital identity management and web security solutions, has released its Evolution of IoT Attacks study.

The study report and associated infographic chronicles the progression, variety, and growing sophistication of many of the most infamous vulnerabilities and attacks on connected devices, as well as the emerging defences used by organisations to fight them.

Sectigo has categorised IoT attacks into three eras:

The Era of Exploration

Beginning in 2005, cybercriminals started to explore the potential to cause lasting damage to critical infrastructure, and even life. Security defences at the time were rudimentary, with organisations unaware of the value the IoT could have for hostile actors.

The Era of Exploitation

Spanning 2011-2018, cybercriminals actively exploited the lucrative and damaging potential of attacking the IoT, thus expanding attacks to more targets with increased severity. However, they found organisations more prepared to withstand the onslaught. White hat hackers exposed potential IoT vulnerabilities to help shore up defences before attacks occurred in the wild. Meanwhile, as organisations fortified their defences, cybercriminals found more ways to monetise their attacks through crypto-mining, ad-click fraud, ransomware, and spam email campaigns.

The Era of Protection

By 2019, enterprises and other organisations had become increasingly capable of countering these attacks. Just recently, governments have begun enacting regulations to protect IoT assets, and businesses and manufacturers are heeding the warnings. In fact, according to the recent 451 Research Enterprise IoT Budgets and Outlook report (2), organisations are investing more than half of their IoT budgets, 51%, to implement security controls in devices, using security frameworks and unified solutions with strong technologies that work together to provide multiple layers of protection.

“As we move into this decade, protecting the vast Internet of Things has never been more critical for our safety and business continuity,” said Alan Grau, VP of IoT/Embedded Solutions at Sectigo. “Cybercriminals are retooling and honing their techniques to keep striking at vulnerable targets. Yes, businesses and governments are making laudable efforts to protect all things connected, but we are only at the beginning of the Era of Protection and should assume that these efforts will be met by hackers doubling down on their efforts.”

IoT security must start on the factory floor with manufacturers and continue throughout the device’s lifecycle. Power grids, highways, data security, and more depend on organisations adopting ever- evolving, cutting-edge security technologies in order to withstand attacks.

Share this

About Us

Since 2005 Corporate INTL has been leading the way connecting business leaders, financiers and advisers around the world.

Our business publications reach hundreds of thousands of business leaders and decision makers in the finance and advisory communities worldwide.

Our Directory

Our Find an Expert adviser directory is the number one tool for business leaders, investors and in-house counsel to assist them in finding a proven and recommended adviser in a huge variety of practice area specialisms and countries around the world.

Mailing List

If you wish to join the Corporate INTL mailing list to receive newsletters and bulletins surrounding our products, key news, events and relevant stories related to global business, please click the link below and fill out the form provided.