While the entire world shifted to remote working, most IoT devices were left connected to corporate networks. Now, these devices had unpatched bugs, which served as a gateway for threat actors to break into. A recent survey conducted by ZScaler provides detailed insights into the current state of IoT security.
Some stats your way
On analyzing 575 million device transactions, along with 300,000 IoT-specific malware attacks blocked, the following numbers were crunched.
IoT malware has witnessed a rise of 700% as compared to the pre-pandemic numbers.
Gafgyt and Mirai accounted for 97% of the malware.
Manufacturing, retail & wholesale, technology, and healthcare sectors accounted for 98% of victims.
Among the transactions observed, 65% of those fell into the categories: set-top boxes (29%), smart TVs (20%), and smartwatches (15%).
In a 15-day timeframe, 18,000 unique hosts and almost 900 unique payload deliveries were observed.
Who to blame?
Most attacks originated in the U.S., China, and India, and mainly targeted Ireland, China, and the U.S.
Moreover, 76% of the entire transactions occurred over plaintext channels, while only 24% occurred over secure channels.
Stay safe but how?
Use strong, distinct passwords instead of default ones.
Gain complete visibility into all IoT devices in the network.
Patch unpatched flaws and execute zero-trust policy.
The bottom line
As the number of IoT devices grows with every passing day, the number of threat actors targeting them is rising too. Hence, it is crucial that cybersecurity defenses are implemented effectively to keep the doors to confidential data closed away from attackers.