Besides PCs and mobile phones, internet-connected devices like smartTVs, routers and security cameras are also now vulnerable to attacks from cybercriminals, security software provider Symantec said.
With millions of devices now connecting to the internet and in many cases, running embedded operating systems like Android, these devices are becoming a magnet for cybercriminals to hack into, Symantec director, technology sales (India and Saarc), Tarun Kaura told.
"The number of internet-connected devices is growing and studies show there could be about 50 billion connected devices by 2020. The threat landscape has grown as security researchers have already demonstrated attacks against smart televisions, medical equipment and security cameras," he added. He stated that while these newer devices may not hold information themselves, they are often a gateway to access the network and access enterprise data.
Symantec discovered a new Linux worm that is capable of attacking a range of small, internet-enabled devices like home routers, set-top boxes, security cameras and and even industrial control systems in addition to traditional computers. Although no attack against these devices has been found in the wild, many users may not realize they are at risk, since they are unaware they own devices that run Linux.
"Many companies making these devices don't even realize they have an oncoming security problem. These systems are not only vulnerable to an attack, they also lack notification methods for consumers and businesses," he said.
Asked what steps users can take to protect themselves, Kaura said the basic requirement is to use the in-built password protection. "Most people continue to use default passwords like '1234' or '0000', which is easy to guess," Kaura said adding that software vendors are now working on how to notify customers and get patches for these new vulnerabilities.
According to research firm Gartner, the global security software revenue grew 7.9% to $19.2 billion in 2012 over the previous year as evolution of new threats and working practices like bring your own device (BYOD) drives spending on security.