Study Finds IoT Cybersecurity Risk Increased 400 Percent Last Year

By Claire Swedberg

Zscaler’s latest study finds that manufacturers are especially at risk of malware or botnet attacks without some precautions in 2024

The rate of cybersecurity threats for Internet of Things (IoT) systems has risen fourfold in the past year, according to an annual report from Zscaler.

The growth in security threats to systems that use IoT sensors and devices partially results from the overall growth in technology use, the study found.

The actual use of IoT systems, including new adoptions and added connected devices, has grown at a rate of 18 percent since 2022, the company found. But while malware attacks grew by more than 400 percent compared to 2022, the fourth edition of the report found that 34 out of 39 vulnerability exploits leveraged by these malware authors are more than three years old.

Zscaler Report

The Zscaler ThreatLabz 2023 IoT and Operational Technology (OT) Threat Report illustrates the vulnerabilities that are persisting for those using the technology, according to Deepen Desai, Zscaler's global CISO and VP of security research.

More than ever, Desai says, the report “highlights the need to prioritize protection against malware.”

Zscaler is an IT security solutions provider with a software platform aimed at cyberthreat, data protection, digital experience management and zero trust connectivity.

Where Malware Attacks are Happening

The 2023 report found botnet activity being led by the Mirai and Gafgyt malware families; the two kinds of malware represent 66 percent of system attacks. The Mirai and Gafgyt botnets are denial-of-service versions of malware that have attacked Wi-Fi routers, computers and IoT systems.

The report detailed how cyber criminals are targeting legacy vulnerabilities, with 34 of the 39 most popular IT attacks taking advantage of vulnerabilities that existed for three years or more. The most targeted device is the router.

And the industry bearing the brunt of many of these malware attacks is manufacturing. Manufacturers globally experienced 6,000 attacks per week on their IoT systems, representing 54.5 percent of all such malware attacks. This year’s report also found that education is suffering a growth in malware attacks, which rose a full 961 percent.

The most targeted countries continue to be Mexico and the United States; together the two countries represent 69.3 percent of the world’s attacks.

Malware Targeting Vulnerabilities

Most IoT malware attacks happen through a handful of methods, says Desai. He points to shadow IoT devices that may be undetected, the use of default or weak credentials, and unpatched vulnerabilities. Malware also poses a risk of distributed denial-of-service (DDoS) attacks.

When it comes to shadow devices, “not knowing what devices are connected to your network and what those devices are doing can be detrimental,” he says. Such intrusions via shadow IoT devices can happen when a user has too much implicit trust.

“Any unsanctioned shadow IoT devices that need internet access should go through traffic inspection and, ideally, be blocked from corporate data via a proxy,” Desai says.

Additionally, users need to regularly confirm that passwords and proper encryption are in place.

Establishing Zero Trust

Failure to oversee encrypted traffic is a common error that Desai points to. “You must inspect all encrypted traffic to prevent attackers from compromising systems,” he advises.

Desai adds that immediate calls to action for those using IoT devices involve adhering to true Zero Trust principles. That means IoT solution managers should embrace a multi-layered security approach to ensure a resilient IoT ecosystem.

“Embrace Zero Trust architecture and operate with a ‘trust no one and no device, inspect and verify every connection’ mindset,” he said.

In addition to identifying vulnerabilities before they become a problem, Desai warns that you should “be prepared to disrupt attacks at any stage if threat actors exploit connected devices.”

Avoiding Common Mistakes

One common mistake companies make is taking an attitude that "IoT devices are not valuable targets" and therefore aren’t a security risk. Many users believe that, since their IoT devices don’t store sensitive information, like personal data or financial details, they are a lower security threat. However, IoT devices can be used as entry points into a network or as part of botnets for larger attacks.

In addition, users often assume that the default settings provided by IoT devices are secure. However, default settings are often generic and widely known, making them vulnerable to attacks, according to Desai.

IoT devices need regular updates, and Zscaler has found that users may overlook the importance of regularly updating the firmware and software of their IoT devices.

While many IoT devices have some level of security features, they are not always sufficient to protect against sophisticated attacks. Users should not solely rely on built-in security measures but should implement additional security measures, such as firewalls and encryption, according to the company.

Preparing Against Future Attacks

Looking ahead, Desai predicts “vulnerable IoT devices will increase as a primary threat vector, exposing enterprises to breaches and new security risks. That’s in part due to a lack of standardized security measures by device IoT developers and manufacturers.”

Such lack of standardization leads to vulnerabilities that attackers can exploit.

“Coupled with the widespread adoption and use of these devices, IoT is low-hanging fruit for easy yet significant financial gain for attackers. This will continue to lead to an uptick in IoT-related attacks in 2024 and beyond,” he said.

Zscaler predicts that manufacturing, which accounted for about 54.5 percent of attacks in this study with an average of 6,000 attacks per week, will continue to be a prime target for IoT attacks.

Healthcare IoT Could be at Risk Ahead

Beyond manufacturing, focus on industries such as healthcare will be critical, the study finds. IoT and Internet of Medical Things (IoMT) devices commonly used in healthcare environments will increasingly pose risks for the public. Many IoMT devices and the information they handle can impact people’s health, personal safety, and security.

The healthcare industry processes some of the highest data volumes and protects some of the most sensitive user data, including health records and payment processing information.

Beyond that, healthcare users still employ legacy devices that run outdated software, old protocols, and unsupported operating systems—all of which serve as weak protection against attacks.

The Promise (And Threat) of AI

Expanding artificial intelligence (AI) capabilities will empower threat actors, helping to identify targets and vulnerabilities in connected devices. While enterprises will increasingly leverage AI-powered technology for proactive threat mitigation, the darker side is this: threat actors will use AI-based tools to automate attacks and evade traditional security measures, leading to more targeted IoT attacks.

Additionally, more regulatory checks and mandates will be introduced to standardize IoT security measures, holding manufacturers accountable for the security of their products.

“Expect industry standards around user security and privacy concerns to impact IoT device manufacturers' security development practices as IoT threats continue to escalate in the years to come,” says Desai.

Key Takeaways:
  • Study finds 400 percent increase in IoT cybersecurity risk in the past year.
  • Zscaler’s system finds that improved security measures may be needed for those using the technology, including manufacturers, schools and healthcare facilities, where data is sensitive and at risk.