Thanks to a study by Zscaler, we find that Internet of Things devices are a major source of security breaches. An increase of more than 700% of specific malware for the IoT and the more “talkative” devices.
Thanks to a study by Zscaler, leader in cloud security, we now know the status of IoT devices connected to corporate networks. The survey refers in particular to the first pandemic period, the one in which companies found themselves having to rapidly and widely adopt teleworking. The new study analyzed more than 575 million device transactions and 300,000 malware attacks aimed specifically against IoT devices. The data is alarming: a 700% increase compared to the pre-pandemic results.
These attacks targeted 553 different types of devices (printers, digital signage solutions and smart TVs) all connected to corporate IT networks. All while many employees were smart working during the COVID-19 pandemic. The Zscaler ThreatLabz research team has identified the most vulnerable IoT devices. It also identified the origins and families of malware responsible for most of the malicious traffic.
“For more than a year, most of the corporate offices were mostly unused. However, our service teams found that despite the lack of employees in the office, corporate networks were still buzzing with IoT activities, ”he said. Deepen Desai, CISO di Zscaler who then continued: “The volume and variety of IoT devices connected to corporate networks is vast and includes different types of devices, from music lamps to IP cameras. 76% of these devices still communicate on unencrypted text channels, which means that IoT transactions represent a great risk for companies ”.
Out of more than half a billion IoT device transactions, Zscaler has identified 553 different devices from 212 manufacturers. 65% of these fell into three categories: set-top box (29%), smart TV (20%) e smartwatch (15%). Most of the traffic came from devices used in manufacturing and retail. 59% of all transactions included 3D printers, geolocators, barcode scanners and payment terminals. Corporate devices ranked second, with 28% of movements, followed by healthcare devices with nearly 8% of traffic.
ThreatLabz also discovered a number of Internet of Things devices that unexpectedly connect to the cloud. These included smart fridges and music lamps that were still sending traffic across corporate networks.
The ThreatLabz team also carefully examined the specific IoT malware activities tracked in the Zscaler cloud. A total of 18,000 unique hosts and approximately 900 unique payload deliveries were observed over a 15-day period. The Gafgyt and Mirai malware families were the two families most detected by ThreatLabz, accounting for 97% of the 900 unique payloads.
The top three nations targeted by IoT attacks were Ireland (48%), the United States (32%) and China (14%). Most compromised IoT devices, nearly 90%, have been observed sending data back to servers in one of three countries: China (56%), United States (19%) or India (14%).
As the list of Internet of Things devices grows every day, it’s nearly impossible to stop them from joining the company. IT teams should implement access policies that prevent these devices from serving as open doors to the most sensitive corporate data. These policies and strategies can be employed whether IT teams (or other employees) are on-site or not. ThreatLabz recommends the following tips to mitigate the IoT malware threat, on both managed and BYOD devices:
In view of the sixth F1 round of the season which will stop in the…
Different motivations but same objectives, score points. So let's find out where to watch Salernitana-AtalantaTelevision…
Let's discover QuiGioco together, a new platform in the great universe of online casinos and…
Amazon Prime Video releases for May 2024: here are the films, shows and TV series…
In this new episode of Anime Breakfast, this time a review, let's find out together…
Ferrari has finally revealed on its social channels the new look of the SF-24 that…