Rapid adoption of Internet of Things (IoT) devices means they are becoming an increasingly attractive target for cyber criminals, according to a report released by Intel Security's McAfee Labs.
The McAfee Labs Threats Report August 2015 (PDF) reveals that IoT devices are just beginning to be exploited as adoption increases.
"The sheer volume of devices has grown faster than we foresaw, and into industries that we did not expect, creating a massive attack surface. So it is only a matter of time until IoT device threats are widespread," it said.
Intel Security noted that it had predicted in 2010 that the increase in device users, bigger networks and cloud-based services would create a "perfect security storm", but admitted this had come about faster than it expected.
"The adoption of cloud computing, IoT devices and mobile devices moved faster than we expected. Our 2010 prediction of 31 billion internet-connected devices by 2020 now seems an underestimate," the firm said.
"Consumers have very quickly adopted cool technology. Rapid device adoption is connecting our homes and organisations to the IoT in healthcare, energy, logistics, retail, cities, transport, automotive and manufacturing."
Conversely, the report acknowledged that, despite the rapid growth in mobile malware, most of the cyber attacks are still relatively minor in scope and impact.
"The value of data recoverable from a smartphone is relatively low, and smartphones are not a prominent attack vector for the enterprise," it said.
"The automatic backup capability of many smartphones and tablets make them straightforward to clean and recover if they are infected or ransomed, at least until criminals manage to attack the cloud-based backups."
The report added that attacks on mobile devices are often constrained by the limits imposed by official app stores that filter out malicious downloads before they reach the consumer.
"Although the volume of mobile devices has increased even faster than we expected, serious broad-based attacks on those devices have grown much more slowly than we thought," said the report.
"Application markets for smartphones and tablets are also much more restrictive, acting like whitelisting services to limit downloads of malicious apps. These restrictions are not 100 percent effective, but they do constrain the growth of mobile attacks."
Cyber warfare trends
Another trend highlighted in the report is the broader changes in cyber warfare and how the anonymous Tor network is aiding the development of cyber attacks.
"We have witnessed the transformation of cybercrime into a full-fledged industry with suppliers, markets, service providers, financing, trading systems and a proliferation of business models," said the report.
"Today, we face nation-state cyber warfare that includes some highly visible, although actively denied, state-sponsored attacks as well as long-term espionage. The rapid evolution of malware, increase in attack volume, and large scale of nation-state attacks has been surprising."
This is likely to be a reference to the recent high-profile attack on targets including the US Office of Personnel Management which resulted in the loss of over 21.5 million federal records and was linked to China.
These actions by cyber criminals, state-sponsored or not, are usually based on Tor which re-routes internet traffic to shield a user from detection.
"Anonymising networks, most notably Tor, and virtual currencies have become key to cyber criminals' abilities to remain hidden from law enforcement," said the report.
"Bitcoin and anonymous brokerages have also reinvigorated the ransomware market, making it commercially viable and spurring unexpectedly high growth."
The use of ransomware, which has grown 127 percent in the past year, according to Intel Security, and kits are rapidly being developed and sold on the dark web.
"Off-the-shelf toolkits for malware, affiliate programmes for ransomware, fill-in-the-blank attack-creation programs, and other familiar business offerings have been showing up in the dark web to support faster, simpler and broader distribution of attacks. It now takes very little skill to be a cyber criminal," the report said.
Vincent Weafer, senior vice president of Intel Security's McAfee Labs, warned that cyber threats and frequency of attacks are accelerating.
"To keep pace with such momentum, the cyber security community must continue to improve threat intelligence sharing, recruit more security professionals, accelerate security technology innovation, and continue to engage governments so they can fulfil their role to protect citizens in cyber space," he said.
Infected apps have been downloaded more than 50 million times
Customers of regular price-raising ISP and cable operator claim nationwide outages started on Monday
Pixel 2 smartphones and a Pixel-branded laptop also planned by Google
The moment you've all been waiting for...