Researchers warned at the start of 2020 that the emergence of 'shadow IoT devices' -- such as employee devices connected to corporate networks without the knowledge of IT teams -- are putting organizations at serious risk.
Fitness trackers, smartwatches, and medical devices are only some of many IoT endpoints that can be exploited to gain a foothold into corporate networks.
In February, an alert was issued that warned of a vulnerability in over 2,300 smart building access systems that was being exploited by attackers to launch DDoS attacks. Linear eMerge E3 systems were being targeted.
McAfee said in February that "model hacking" can be used to compromise the machine learning (ML) and intelligent systems in modern vehicles. A study into the security risks of smart vehicles revealed it was possible to compromise the MobilEye camera system, used in many car models today.
ESET, too, documented how other home IoT devices -- in this case, Fibaro, Homematic, and eLAN hubs used to connect and control full IoT setups -- were exploitable for nefarious purposes.
The severe vulnerabilities included unauthenticated, remote code execution, full device hijacking, and Man-in-the-Middle (MitM) attacks.
In early May, cybersecurity researchers revealed a new form of malware, Kaiji, that is specifically targeting IoT devices and Linux servers. The malware is compromising devices via brute-force attacks to rope them into a botnet that has the capability to perform six different types of DDoS attacks.
While not your standard home IoT setup, high-performance supercomputing systems across the UK, Germany, and Switzerland were targeted and infected with cryptocurrency mining malware in May, forcing operators to close down numerous clusters.