Increasing Cybersecurity Risks in IoT and Edge Computing in 2025

In 2025, cybersecurity risks continue to undergo a drastic transformation due to the massive consolidation of IoT and Edge Computing. It's not just about more connected devices; it's about increasingly intelligent nodes with processing and decision-making capabilities at the network edge. This technological shift expands the attack surface and introduces new vectors for sophisticated adversaries.

Global and national organizations, such as the World Economic Forum (WEF), INCIBE, and industrial security experts, warn that many traditional protection mechanisms are no longer sufficient. Attackers are exploiting vulnerabilities in IoT and Edge to proliferate malware, perform automated scans, launch botnets, or inject false data into critical systems. All of this can be orchestrated with AI.

 


Growing exploitation of IoT devices by automated bots

Recent reports show a dramatic rise in automated scanning targeting IoT assets. According to various studies, cybercriminals are "shifting their focus toward vulnerable systems such as IoT and Edge networks much earlier in their attack chains," with record-breaking scanning rates, as noted by Techradar. In addition, Kaspersky has detected more than 10,000 exposed IoT devices worldwide, many of them routers or cameras with insufficient protection, representing a clear risk of massive compromise.

Impact on smart homes

One particularly alarming fact: IoT reports this year indicate that Smart Homes are experiencing nearly 29 IoT attacks per day on average (Cybersecuritynews). This highlights not only the scale but also the automation and sophistication of attacks targeting home devices, which have traditionally been considered "low-criticality." Yet they are now becoming entry points for larger malicious campaigns.

 

Obsolescence and industrial cybersecurity risks

Industrial hyperconnectivity is another major area of risk. Many industrial facilities are being targeted due to outdated and poorly managed IoT devices. At the same time, Edge Computing is being used to enhance analytics and AI-driven automation. However, if it is not properly secured, it can become a gateway for potential attackers.

 

Vulnerabilities in tracking and telemetry systems

A particularly representative case is the report on vulnerabilities in SinoTrack tracking devices (used for vehicle tracking). In 2025, researcher Raúl Ignacio Cruz Jiménez reported critical CVEs that allowed real-time location tracking and manipulation of certain systems. This poses serious risks to the integrity of fleets or connected vehicles. As vehicles become even more connected in the future, they will increasingly be targeted by attacks capable of rendering an entire fleet inoperative.

Sophisticated IoT malware: the resurgence of botnets

In 2025 we also observed the resurgence of advanced IoT-based botnets. For example, the "Gayfemboy" variant derived from Mirai has been identified targeting routers from brands like Cisco, TP-Link, and Zyxel by exploiting vulnerabilities. It has also been used for deploying malware aimed at cryptocurrency mining. These developments show that IoT threats remain very active, and attackers are evolving to compromise increasingly critical devices.

Below is an analysis of how vulnerabilities have expanded across IoT environments.

Expanded and distributed attack surface

  • Limited security capabilities: many IoT devices cannot support strong encryption or rely on default credentials.
  • Lack of visibility: organizations often lack a complete inventory of all connected devices, complicating protection efforts.
  • Lateral movement: once a sensor or camera is compromised, attackers can pivot toward more critical IT or OT systems.

 

Edge Computing as an attack vector

  • Edge nodes process data locally, meaning a compromise can corrupt or alter decisions before they even reach the cloud.
  • More sophisticated malware can reside in Edge nodes (e.g., miners, malicious scripts, rootkits), leveraging hardware capabilities for persistence or attack.
  • In industrial environments, Edge is also used for AI or automation, making its security essential to maintaining operational integrity.

 

Supply chain and firmware-specific threats

  • Many IoT devices rely on external components or third-party firmware. If these are insecure or compromised, the risk spreads across the entire network.
  • Poorly designed OTA (over-the-air) updates can become entry points; attackers could deploy malicious firmware at scale.
  • Threat models increasingly include inserting backdoors into the supply chain or manipulating firmware images before deployment.

Mitigation measures and strategies

To address these risks in 2025, technical organizations must implement a combination of advanced strategies:

Dynamic inventory and visibility

  • Continuous scanning of IoT devices and Edge nodes.
  • Integration with Asset Management solutions to classify devices by criticality and risk.

Functional segmentation and isolation

  • Using VLANs or microsegmentation to separate IoT, Edge, and critical systems.
  • Zero Trust policies adapted to IoT and Edge environments.
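
The inventory and segmentation measures above, combined into one check over flow records (an added example, not Teldat code). The subnets, the policy, the inventory and the flow records are constructed for illustration; same-zone traffic is out of scope here.

```python
import ipaddress

# Constructed segment plan: one subnet per zone (assumed addressing).
ZONES = {
    "iot": ipaddress.ip_network("10.10.0.0/24"),
    "edge": ipaddress.ip_network("10.20.0.0/24"),
    "critical": ipaddress.ip_network("10.30.0.0/24"),
}
# Allowed (source zone, destination zone, destination port); default deny.
POLICY = {
    ("iot", "edge", 8883),      # sensors publish MQTT over TLS to the gateway
    ("edge", "critical", 443),  # gateway forwards to the historian over HTTPS
}
# Constructed asset inventory: IP -> device description.
INVENTORY = {
    "10.10.0.11": "temperature sensor",
    "10.10.0.12": "ip camera",
    "10.20.0.5": "edge gateway",
    "10.30.0.9": "historian",
}

def zone_of(ip):
    addr = ipaddress.ip_address(ip)
    return next((name for name, net in ZONES.items() if addr in net), "unzoned")

def audit(flows):
    """Return (flow, reason) findings for flows that break inventory or policy."""
    findings = []
    for src, dst, port in flows:
        src_zone, dst_zone = zone_of(src), zone_of(dst)
        if src not in INVENTORY:
            # Visibility gap: traffic from a device nobody has registered.
            findings.append(((src, dst, port), "source not in inventory"))
        elif src_zone != dst_zone and (src_zone, dst_zone, port) not in POLICY:
            # Segmentation gap: cross-zone flow with no explicit allow rule.
            findings.append(((src, dst, port),
                             f"{src_zone}->{dst_zone}:{port} not allowed"))
    return findings

# Constructed flow records: (source IP, destination IP, destination port).
FLOWS = [
    ("10.10.0.11", "10.20.0.5", 8883),  # sensor -> gateway, allowed
    ("10.10.0.12", "10.30.0.9", 502),   # camera -> historian: crosses two zones
    ("10.10.0.77", "10.20.0.5", 8883),  # unknown device on an allowed path
    ("10.20.0.5", "10.30.0.9", 443),    # gateway -> historian, allowed
]

if __name__ == "__main__":
    for flow, reason in audit(FLOWS):
        print(flow, reason)
```

The unknown device is flagged even though it uses an allowed path, which is why the inventory check runs before the policy check.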

Communication protection

  • Strong encryption for data in transit (TLS 1.3, IPsec) and, when possible, post-quantum algorithms.
  • Strong authentication (certificates, keys) for IoT devices and Edge nodes.

Secure Edge gateways

  • Edge devices featuring NGFW, integrated IDS/IPS, and deep inspection capabilities.
  • Continuous behavior monitoring (anomalies, traffic) using lightweight AI at the Edge itself.

Firmware management

  • Digital signatures for OTA updates.
  • Cryptographic verification before deployment.
  • Rollback strategies for failed updates.
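
The three firmware steps above as one device-side update gate (an added example, not Teldat code). To stay within the standard library, a Lamport one-time hash-based signature stands in for a production scheme such as Ed25519, ECDSA or LMS; the manifest layout, the `Device` class, the two-slot model and the downgrade check are assumptions of this example.

```python
import hashlib, json, os
def H(data):
    return hashlib.sha256(data).digest()

def keygen():
    """Lamport one-time key pair (stand-in for Ed25519/ECDSA/LMS)."""
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):  # reveals one secret per digest bit; never reuse sk
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def make_update(sk, version, image):
    """Vendor side: sign a manifest that binds the version to the image digest."""
    manifest = json.dumps({"version": version,
                           "sha256": hashlib.sha256(image).hexdigest()}).encode()
    return manifest, sign(sk, manifest), image

class Device:
    def __init__(self, pk, version, image):
        self.pk = pk                    # vendor public key pinned at manufacture
        self.active = (version, image)  # slot A: known-good firmware
        self.staged = None              # slot B: candidate

    def stage(self, manifest, sig, image):
        if not verify(self.pk, manifest, sig):
            return "rejected: bad signature"
        meta = json.loads(manifest)     # parsed only after the signature checks out
        if hashlib.sha256(image).hexdigest() != meta["sha256"]:
            return "rejected: image digest mismatch"
        if meta["version"] <= self.active[0]:
            return "rejected: downgrade"
        self.staged = (meta["version"], image)
        return "staged"

    def commit(self, health_check):     # keep the old slot if the check fails
        candidate, self.staged = self.staged, None
        if candidate and health_check(candidate[1]):
            self.active = candidate
            return "committed"
        return "rolled back"
```

The signature covers the manifest rather than the image, so the digest comparison is what ties the verified manifest to the bytes actually written to the staged slot.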

Real-time detection

  • Lightweight anomaly-detection algorithms using Edge-based or centralized models (e.g., federated learning, lightweight LLMs).
  • Techniques such as eBPF/XDP to mitigate DDoS directly at the IoT/Edge network-stack level.
  • Rapid alert protocols and automated response to isolate compromised nodes.

 

Conclusion

The year 2025 has made it clear that risks within IoT and Edge Computing are not mere projections; they are tangible realities. The combination of automated scanning, sophisticated botnet malware, firmware vulnerabilities, and widespread device obsolescence creates an environment in which cyber defense must reinvent itself.

For organizations relying on these environments, whether industrial, Smart Cities, telecom operators, or companies with Edge deployments, resilience is not optional. A robust technical strategy is needed, one that integrates inventory, segmentation, encryption, monitoring, and advanced response capabilities.

In this context, Teldat can play a decisive role. Its secure gateway solutions, inspection capabilities, visibility tools, and advanced response features, along with strong encryption through certificates and post-quantum technologies, can help protect and secure IoT and Edge architectures at scale. All of this enables compliance with modern regulatory requirements while proactively mitigating emerging and complex risks in 2025.

 

Sources

https://es.weforum.org

https://www.computerworld.es

https://www.incibe.es

https://karspesky.com

November 24, 2025
Juan Rodrigo


Development Engineer, is part of Teldat's R&D Department. Within this department he is part of the General Software Development Department.
