New Delhi: Malware attacks against Internet of Things (IoT) and Operational Technology (OT) devices have increased by 400 per cent this year when compared to the previous year, a new report showed on Wednesday.
The report by the cloud security company Zscaler, which analysed approximately 3,00,000 blocked attacks on IoT devices over a six-month period, highlighted the relentless nature of cyber threat actors, revealing that attackers are primarily targeting legacy vulnerabilities.
“Weak enforcement of security standards for IoT device manufacturers coupled with the proliferation of shadow IoT devices at the enterprise level poses a significant threat to global organisations. Often, threat actors target ‘unmanaged and unpatched’ devices to gain an initial foothold into the environment,” said Deepen Desai, Global CISO and Head of Security Research, Zscaler.
The researchers indicated that cybercriminals are targeting legacy vulnerabilities, with 34 of the 39 most popular IoT exploits specifically directed at vulnerabilities that have existed for over three years.
The ‘Mirai’ and ‘Gafgyt’ malware families continue to account for 66 per cent of attack payloads, creating botnets from infected IoT devices that are then used to launch denial-of-service (DDoS) attacks against lucrative businesses, according to the report.
Manufacturing and retail accounted for nearly 52 per cent of IoT device traffic, with 3D printers, geolocation trackers, industrial control devices, automotive multimedia systems, data collection terminals, and payment terminals sending the majority of signals over digital networks.
The education sector experienced a substantial increase in IoT malware attacks, with a percentage jump of 961 per cent.
The wealth of personal data stored on their networks has made educational institutions particularly attractive targets, leaving students and administrations vulnerable, the report said.
In addition, the report showed that the US is a top target for IoT malware authors, with 96 per cent of all IoT malware distributed from compromised IoT devices in the country.
Mexico experienced the most infections, with 46 per cent of all IoT malware infections.