Report reveals significant rise in exploits targeting three major IoT vulnerabilities

Cybersecurity solutions provider Check Point Software Technologies’ latest Global Threat Index for July 2018 reveals a significant rise in exploits targeting three major IoT vulnerabilities. According to the company, these attacks, which are linked to the propagation of IoT malware like Mirai, IoTroop/Reaper and VPNFilter, have more than doubled since May. The top 10 ‘most exploited’ list includes MVPower DVR router Remote Code Execution at fifth position; D Link DSL-2750B router Remote Command Execution at seventh; and Dasan GPON router Authentication Bypass at tenth position. The data shows 45% of organisations around the globe getting affected by attacks targeting these vulnerabilities, compared with 35% in June 2018 and 21% in May. These vulnerabilities allow attackers to execute malicious code and gain remote control of the target devices. July’s top three ‘most wanted’ malware includes: Coinhive, Cryptoloot, and Dorkbot. The month’s top 3 ‘most vulnerabilities’ include: Lokibot, Triada, and Guerilla. Maya Horowitz, threat intelligence group manager at Check Point, said: “Known vulnerabilities offer cyber-criminals an easy, relatively frictionless entry point into corporate networks, enabling them to propagate a wide range of attacks. IoT vulnerabilities in particular are often ‘the path of least resistance’, as once one device is compromised, it can be straightforward to infiltrate further connected devices.