They say “Write what you know.” That becomes applicable for diverse trades of writers; no matter the topic, a strong knowledge base usually lends a strong output, content-wise.
For me, though I also cover Smart City Sentinel, Future of Work News and other sister sites of ours, the Internet of Things (IoT), the Industrial Internet of Things (IIoT), as well as the Artificial Intelligence of Things (AIoT), as of late – advances in these industries have been extremely significant, and it has become a key part of my knowledge base. (I suspect it’ll stay that way, too; IoT devices are proliferating immensely, and so too will the news coverage about the latest “of Things” innovations.)
So, let’s discuss that proliferation – specifically, how the risk of IoT-specific malware is also increasing dramatically, in turn.
According to Statista, the number of IoT cyber attacks worldwide amounted to over 112 million last year. That’s a crazy figure, given it was around 32 million back in 2018. In five years, attacks have skyrocketed.
Another big name researching the IoT malware landscape is Zscaler. Earlier today, the
“Zscaler ThreatLabz 2023 IoT and OT Threat Report” and its findings were released. It provides an in-depth study of IoT malware activity that spanned a six-month period and analyzed approximately 300,000 blocked attacks on IoT devices – notably, securely blocked the Zscaler Zero Trust Exchange platform.
This number of attacks, albeit blocked, represents a bewildering 400% increase in malware compared to 2022. We’re not talking about “back in 2018” anymore. This is, without a doubt, a highly important concern for security on both physical and digital levels, as the mobility of IoT malware can, in Zscaler’s words, “facilitate movement across different networks, potentially endangering critical OT infrastructure entirely.”
In its report, ThreatLabz focused on the consistent growth in attacks, the top sectors that are being targeted (and which countries, as well), and more about the double-edged sword that has become our reliance on everything IoT.
Below, I’ve condensed Zscaler’s top takeaways and the data therein:
Legacy vulnerabilities are prime targets for botnet-driven DDoS attacks. Cybercriminals are actively targeting legacy vulnerabilities, with 34 of the 39 most-used IoT exploits specifically being directed at vulnerabilities which have existed for at least three years. As Zscaler has reported, “The Mirai and Gafgyt malware families continue to account for 66% of attack payloads, creating botnets from infected legacy IoT devices that are then used to launch DDoS attacks, especially against lucrative businesses.” Botnet-driven distributed DDoS attacks are responsible for billions of dollars in financial losses across industries around the globe.
Manufacturing and education are at the heart of IoT malware attacks. The former currently accounts for 54.5% of total IoT device traffic; 3D printers, data collection terminals, geolocation trackers, industrial sensors, payment terminals, and even automotive multimedia systems send the majority of signals over our digital networks. This attracted cybercriminal attention, and now the sector sees an average of 6,000 IoT/OT malware attacks per week. Per Zscaler, “Substantial IoT malware attacks can disrupt critical OT processes, which are integral in many industrial manufacturing plants like automotive, heavy manufacturing, and plastic and rubber.” This creates can’t-ignore, long-term safety and operational challenges for teams to handle.
Moreover, education has suffered from outsized criminal attention, “with the propagation of unsecured as well as shadow IoT devices within school networks providing attackers with easier access points.” There is a bona fide wealth of personal data stored on educational institutions’ networks, which is why this sector’s attack rates increased by nearly – and I’m lamenting having to type this many zeros here – 1,000%. (Technically, it’s 961%, but the fact that it’s even that close a thousand demands attention.)
In short, regardless of sector, the right IoT protections are sorely needed.
- The U.S. and Mexico are targeted most frequently. Zscaler’s findings show that 69.3% of all IoT malware infected compromised devices in the U.S. and Mexico.
(Note: Three of the top four countries most plagued by this are Latin American countries.) Global IoT protections, again, are very sorely needed, but the U.S. and Mexico need IoT security the most, according to the report.
“Weak enforcement of security standards for IoT device manufacturers – coupled with the proliferation of shadow IoT devices at the enterprise level – poses a significant threat to global organizations,” said Deepen Desai, Global CISO and Head of Security Research, Zscaler. “Often, threat actors target ‘unmanaged and unpatched’ devices to gain initial footholds into the environment. To address these challenges, I encourage organizations to enforce zero trust principles when securing IoT and OT devices. Never trust, always verify, and assume breach. Organizations can eliminate lateral movement risk by utilizing continuous discovery and monitoring processes to segment these devices.”
The moral of this long-story-short summary of Zscaler’s data?
We can’t stress it enough: Securing everything IoT against malware attacks should take a top priority for organizations, and Zscaler underscores the need for better zero trust architecture to protect critical infrastructure.
So while I hope to continue “writing what I know” as far as IoT goes, readers, I also hope that these attack numbers are slowed. In the modern era, this must be taken seriously.
Edited by
Greg Tavarez
