Organizations need to take charge of their own IoT device security. It is not something that should be outsourced.
The world is being overrun with devices, accompanied by trillions of transactions, a fact not lost on the hackers of the world. In fact, over the past year, there has been a 400% increase in malware attacks on Internet of Things (IoT) devices.
That’s the finding presented in a new analysis published by Zscaler ThreatLabz. It’s notable, the study’s authors point out, that over the course of three months, there were three trillion IoT device transactions from 850-plus unique device types. The highest volume of IoT device traffic came from the manufacturing industry, which has been aggressively adopting smart technology to meet requirements for rapid supply chain fulfillment and innovation. Overall, the global number of connected IoT devices is projected to surpass 29 billion by 2027, a sharp increase from 16.7 billion in 2023.
The report covers malware activity over a six-month period between January and June of 2023, analyzing approximately 300,000 blocked attacks on IoT devices from known IoT hackers. This represents a 400% increase in IoT malware attacks compared to the previous year (January–June 2022).
The biggest culprits are the Mirai and Gafgyt botnets. These malware families continue to account for 66% of attack payloads, creating botnets from infected IoT devices that are then used to launch denial-of-service attacks against lucrative businesses. Botnet-driven DDoS attacks are responsible for billions of dollars in financial losses across industries around the globe. In addition, DDoS attacks pose a risk to operational technology by potentially disrupting critical industrial processes and even endangering human lives.
The research also shows that cybercriminals are targeting legacy vulnerabilities, with 34 of the 39 most popular IoT exploits specifically directed at vulnerabilities that have existed for over three years.
Network organizations need to take charge of their own security. It is something that cannot be outsourced, the study’s authors warn. “Regulatory frameworks and guidelines for device manufacturers are in the works, but are still in the nascent stages.”
The manufacturing and education sectors were targeted the most over the past year, with the education sector sustaining a nearly 1000% increase in IoT malware attacks, the study shows. The manufacturing industry, which relies heavily on both IoT and operational technology, was the top targeted sector, bearing the brunt of blocked IoT malware attacks, accounting for 55% of all attacks and averaging 6,000 weekly attacks across all monitored devices. Manufacturing represents fertile ground for hackers, accounting for nearly 52% of IoT device traffic, with 3D printers, geolocation trackers, industrial control devices, automotive multimedia systems, data collection terminals, and payment terminals sending the majority of signals over digital networks.
Malware trends that specifically target IoT devices have emerged as a significant threat to operational technology systems, the study also shows. “The interconnectedness of IoT and OT allows malware to travel from corporate networks into critical OT systems, not only disrupting important processes but endangering the safety and lives of human beings who get caught in a cyber-physical attack. Moreover, the VPNs that remote contractors use to connect to OT systems have themselves become key attack vectors and another entry point for malware into the network.”
The research team for this study analyzed device logs from a multitude of sources and industry verticals between January and June 2023, as well as data derived from customer deployments that connect to the Zscaler global security cloud, which processes over 500 trillion daily signals and blocks 9 billion threats and policy violations per day, with over 250,000 daily security updates.