IoT botnet DDoS attacks surge disrupting telecom network

IoT botnet DDoS (Distributed Denial of Service) traffic, originating from insecure IoT devices with the aim of disrupting telecom network services, increased five-fold over the past year, according to Nokia Threat Intelligence Report.
Kazakhstan mobile networkNokia noticed the sharp increase in cyber security attacks on networks at the beginning of the Russia-Ukraine conflict. Botnet-driven DDoS attacks are used to disrupt telecom networks as well as other critical infrastructure and services.

The number of IoT devices (bots) engaged in botnet-driven DDoS attacks rose from around 200,000 a year ago to approximately 1 million devices, generating more than 40 percent of all DDoS traffic today, Nokia said.

The most common malware in telecommunication networks was found to be a bot malware that scans for vulnerable devices, a tactic associated with a variety of IoT botnets. There are billions of IoT devices worldwide, ranging from smart refrigerators, medical sensors, and smart watches; many of which have lax security protections.

The number of trojans targeting personal banking information in mobile devices has doubled to 9 percent.

Malware infections in home networks declined from a Covid-high of 3 percent to 1.5 percent, close to the pre-pandemic level of 1 percent, as malware campaigns targeting the wave of at-home workers tapered off, and more people returned to office work environments.

Nokia has aggregated data by monitoring network traffic on more than 200 million devices where Nokia NetGuard Endpoint Security product is deployed.

Experts at Threat Intelligence Center in Canada, Nokia Cyber Security Center in France; Nokia Security Operations Center in India; and Nokia Deepfield, have compiled the Threat Intelligence Report as part of Nokia focusing on software applications covering network analytics and DDoS security.