ADVERTISEMENT

The wide adoption of IoT technology is creating additional risks for users

IOT technology
Pierluigi Paganini
Pierluigi Paganini Contributor
Feb 17, 2022 Updated: 29 July 2025 4 min read
  • Gafgyt botnet (also known as Bashlite) targets vulnerable IoT devices like Huawei routers, Realtek routers, and ASUS devices.
  • Muhstik botnet leverages known web application exploits to compromise IoT devices, including GPON home router, DD-WRT router, and the Tomato router.
  • Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products.
  • Mozi P2P Botnet also targets Netgear, Huawei, and ZTE devices
ADVERTISEMENT

How to protect IoT devices?

Draft NIST Guidance for Federal Agencies
  • Keep the device up to date by applying security patches and updates released by the vendors. Quickly addressing the vulnerabilities in IoT devices could allow to prevent their exploitation. Many of the IoT botnets analyzed by security experts also target older vulnerabilities that are yet to be fixed.
  • Change factory settings, because their knowledge is exploited by threat actors to take over IoT devices in a large-scale campaign. The creation of new credentials is the first step in securing IoT devices.
  • Use strong and unique passwords to prevent compromise. Password managers can help users create unique and strong passwords.
  • Adopt proactive approaches in addressing Wi-Fi security. Simple suggestions include the adoption of WPA2 security protocol, disabling WPS, and enabling a strong password for Wi-Fi access.
  • Apply network segmentation to prevent the spread of threats in case of device compromise and quickly isolate infected systems to avoid lateral movements of the attackers.
  • Adopt security solutions and tools specifically designed to protect IoT devices, such as security software that provides multi-layered protection and endpoint encryption. These defense solutions monitor baseline network and device behavior to quickly identify attacks pattern that cause deviations from it.
  • Carefully analyze different protocols used by IoT devices in a network. Smart devices support multiple protocols for communications (Bluetooth, NFC, nRF24, LoRA, and optical, infrared communication). Some of them are known to be vulnerable to cyberattacks due to the presence of known issues. The knowledge of the issues affecting the chosen protocol could help administrators in securing the overall environment.
ADVERTISEMENT