Recent observation situation

TOP
Recent observation situation

IoT device observation status as of September 2025

Observation outline

Total number of
IoT devices monitored

116 million cases/month

Number of IoT devices monitored at IP addresses of participating internet service providers

IoT device with ID
or password
easy to guess

14,489 cases/month

Device whose administration authority is likely to be taken over or that is likely to be involved in a cyberattack because an ID or password easy to guess is used

IoT device with
firmware vulnerability

This
month: 2,816 cases

Device that has a risk of being illegally used by a third party because the firmware has not been updated to the latest version

Number of IoT devices
found to have been
infected with malware

480
cases max./day

IoT device suspected of being infected with Mirai. It is likely to have been involved in a cyberattack.

*IP addresses may be added up in duplicate if some fluctuate.
*Maximum value per day in the month is shown.

Number of IoT devices
that could be used as
a jump server for a
distributed reflection denial
of service (DrDoS) attack

This
month: 15,274 cases

Number of IoT devices detected and likely to be used as a jump server for a DrDoS attack

Statistics of detected devices

Type of device that has ID/password
that is easy to guess

Security management practice (Japanese Only) Risk lurking in router/network cameras (Japanese Only)

Recent observation situation

IoT device observation status as of September 2025

Observation outline

Total number of IoT devices monitored

IoT device with ID or password easy to guess

IoT device with firmware vulnerability

Number of IoT devices found to have been infected with malware

Number of IoT devices that could be used as a jump server for a distributed reflection denial of service (DrDoS) attack