The most recent Threat Intelligence Report from Nokia, published today, reveals that IoT botnet DDoS (Distributed Denial of Service) traffic increased by five times in the last year. These attacks, stemming from a large number of insecure IoT devices, aim to disrupt telecom services for millions of users. The increase coincides with Russia’s invasion of Ukraine and the growth of hacking groups run by cybercriminals for profit.
This significant rise was first observed at the start of the Russia-Ukraine conflict. It has since spread globally due to an increase in the usage of IoT devices by consumers. DDoS attacks driven by botnets have been disrupting telecom networks and other essential infrastructure and services. The number of IoT devices, or bots, involved in these attacks has risen from around 200,000 a year ago to about 1 million devices today, accounting for over 40% of all DDoS traffic.
The most frequently found malware in telecom networks was a type of bot malware that looks for vulnerable devices, a strategy linked with several IoT botnets. With billions of IoT devices worldwide, including smart fridges, medical sensors, and smartwatches, many of these devices lack strong security measures.
The report also found that the number of trojans targeting banking information on mobile devices has doubled to 9%. This increase puts millions of global users at a higher risk of having their personal financial and credit card information stolen. A trojan is a type of harmful software code that’s disguised as safe.
However, the report did share some positive news: malware infections in home networks have fallen from a Covid-era high of 3% to 1.5%, nearing the pre-pandemic level of 1%. This decrease occurred as malware campaigns targeting remote workers started to decline, and more people began returning to offices.
These findings are based on data collected from over 200 million devices worldwide that use Nokia’s NetGuard Endpoint Security product.
The Threat Intelligence Report is the work of experts at Nokia‘s Threat Intelligence Center in Canada, Cyber Security Center in France, Security Operations Center in India, and Deepfield, a Nokia department focusing on network analytics and DDoS security software applications.
Hamdy Farid, Senior Vice President, Business Applications at Nokia, said: “The findings in this report highlight the scale and sophistication of cybercriminal activity today. A single botnet DDoS attack can involve hundreds of thousands of IoT devices, posing a significant threat to networks globally. To reduce these risks, it’s critical for service providers, vendors, and regulators to develop more robust 5G network security measures. This includes telecom-focused threat detection and response, strong security practices, and awareness at all company levels.”
