IoT devices now top priority for cybercriminals

News
By published

Hackers utilise Thingbots to launch IoT attacks

Internet of Things (IoT) devices are now cybercriminals' top attack target and have managed to surpass web, application services and email servers according to new research from F5 Labs.

The fifth volume of the security firm's The Hunt for IoT report that thirteen Thingbots, IoT devices that have become part of a botnet, were discovered during the first half of 2018.

During the past 18 months, Spain was the top country under attack and it endured a remarkable 80 per cent of all monitored IoT attack traffic between January 1st and June 30th of last year. Russia, Hungary, the US and Singapore were also under consistent pressure from IoT attacks.

A majority of the attacks in the first half of last year originated in Brazil (18%) with China being the second biggest culprit (15%) followed by Japan (9%), Poland (7%), the US (7%) and Iran (6%).

Rise of the Thingbots

While DDoS attacks remain the most utilised attack method, hackers began adapting Thingbots to perform additional tactics including installing proxy servers to launch attacks from, crypto-jacking, installing Tor nodes and packet sniffers, DNS hijacks, credential collection, credential stuffing and fraud trojans.

Hackers commonly used global internet scans searching for open remote administration services to discover and then infect IoT devices.

Telnet and Secure Shell (SSH) protocols were the most popular followed by Home Administration Protocols (HNAP), Universal Plug and Play protocols (UpnP), Simple Object Access Protocols (SOAP) and various other Transmission Control Protocols (TCP) ports used by IoT devices.

Senior EMEA Threat Research Evangelist at F5 Networks, David Warburton explained why organisations should prepare themselves for future IoT attacks, saying:

“We are stuck with over 8 billion IoT devices around the world that, for the most part, prioritise access convenience over security. Organisations need to brace themselves for impact, because IoT attack opportunities are virtually endless and the process of building Thingbots is more widespread than ever. Unfortunately, it is going to take material loss of revenue for IoT device manufacturers, or significant costs incurred by organisations implementing these devices, before any meaningful security advances are achieved. Therefore, it is essential to have security controls in place that can detect bots and scale to the rate at which Thingbots attack. As ever, having bot defense at your application perimeter is crucial, as is a scalable DDoS solution.”

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Latest in News
Oura Ring 4
Activity tracking on Oura Ring is about to get a whole lot better, but I've got bad news about your step count
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Millwall FC The Den
The UK's first football club mobile network is here - but you probably won't guess which team has launched it
Android Auto
Android Auto 14.0 is rolling out now – and it'll soon swap Google Assistant for the smarter Gemini
The Witcher 4
You're probably not playing The Witcher 4 until 2027 at the earliest, per CD Projekt's latest financial update
More about security
URL phishing

HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware

Cl0p resurgence drives ransomware attacks to new highs in 2025
Android Auto

Android Auto 14.0 is rolling out now – and it'll soon swap Google Assistant for the smarter Gemini
See more latest
Most Popular
Android Auto
Android Auto 14.0 is rolling out now – and it'll soon swap Google Assistant for the smarter Gemini
Oura Ring 4
Activity tracking on Oura Ring is about to get a whole lot better, but I've got bad news about your step count
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Millwall FC The Den
The UK's first football club mobile network is here - but you probably won't guess which team has launched it
Josie and Matt laughing in front of the Google Pixel 9a
TechRadar Podcast: Is the Pixel 9a ugly? Has Apple ruined the smartwatch market? And is Samsung's One UI in trouble?
Apple iPhone 16 Pro REVIEW
The iPhone 17 Air looks impressively slim in this new comparison image, but that just makes me more worried about the specs
Matt Murdock smiling in Daredevil: Born Again episode 5 and Kamala Khan looking stunned in The Marvels
Daredevil: Born Again episode 5 just revealed what Kamala Khan has been up to since The Marvels, and now I'm more excited for the next superhero team to appear in the MCU
Google Pixel Watch 3, 41mm and 45mm
Google says it will fix broken Wear OS 5.1 update, but why does this keep happening?
Two Android phones on a green and blue background showing Google Messages
Google Messages just added a fun upgrade to one of its best chat features