A new study has found that IoT-specific malware attacks have increased sharply, by 700 per cent, compared with pre-pandemic findings.
After analyzing over 575 million device transactions, Zscaler has revealed it had blocked over 300,000 IoT-specific malware attacks over the course of two weeks in December 2020.
The data collated in Zscaler's new IoT in the Enterprise: Empty Office Edition report shows that the attacks targeted 553 different device types, including printers, digital signage and smart TVs, all connected to and communicating with corporate IT networks while many employees were working remotely during the COVID-19 pandemic.
According to Deepen Desai, CISO of Zscaler, the company's service teams noted that despite a lack of employees in the office, enterprise networks were still buzzing with IoT activity.
“For more than a year, most corporate offices have stood mostly abandoned as employees continued to work remotely during the COVID-19 pandemic,” Desai said.
“The volume and variety of IoT devices connected to corporate networks is vast and includes everything from musical lamps to IP cameras.
“Our team saw 76 per cent of these devices still communicating on unencrypted plain text channels, meaning that a majority of IoT transactions pose great risk to the business.”
Out of over half a billion IoT device transactions, Zscaler identified 553 different devices from 212 manufacturers, 65 per cent of which fell into three categories: set-top boxes (29 per cent), smart TVs (20 per cent), and smartwatches (15 per cent).
The home entertainment and automation category had the greatest variety of unique devices, but these accounted for the fewest transactions when compared with manufacturing, enterprise and healthcare devices.
Most traffic instead came from devices in manufacturing and retail industries. Over 59 per cent of all transactions were from devices in this sector, which included 3D printers, geolocation trackers, automotive multimedia systems, data collection terminals like barcode readers, and payment terminals.
Enterprise devices were the second most common, accounting for 28 per cent of transactions, and healthcare devices followed at nearly 8 per cent of traffic.
The study also found a number of unexpected devices connecting to the cloud, including smart refrigerators and musical lamps that were still sending traffic through corporate networks.
A total of 18,000 unique hosts and roughly 900 unique payload deliveries were observed in a 15-day timeframe.
Malware families Gafgyt and Mirai were the two most common families tracked, accounting for 97 per cent of the 900 unique payloads. The two families are known for hijacking devices to create botnets - large networks of private computers that can be controlled as a group to spread malware, overload infrastructure, or send spam.
The top three nations targeted by IoT attacks were Ireland (48 per cent), the US (32 per cent), and China (14 per cent).
The majority of compromised IoT devices, nearly 90 per cent, were observed sending data back to servers in one of three countries: China (56 per cent), the US (19 per cent), or India (14 per cent).
Nastasha is a journalist at Momentum Media. She reports extensively across veterans' issues, cyber security and geopolitics in the Indo-Pacific. Previously, she was a Content Producer at Verizon Media, a Digital Producer for Yahoo! 7 and Channel 7, a Digital Journalist at Sky News Australia, as well as a Website Manager and Digital Producer at SBS Australia. She started her career in media as a Video Producer and Digital News Presenter at News Corp Australia.