sb-as logo
Story image

Malware targeting IoT devices skyrockets as transactions rise 1,500%

Zscaler today announced the release of the company’s second annual Internet of Things (IoT) report, which reveals a massive rise in the rate of usage of IoT devices and with it, an increase in cyber attacks against devices. 

According to the report, Zscaler customers are generating more than 1 billion IoT transactions per month in the Zscaler cloud.

This amounts to a 1,500% increase over the period between this and 2019’s report. 

By analysing two weeks of this traffic through Zscaler cloud, Zscaler found 553 different IoT devices across 21 categories from 212 manufacturers.

The company also found and blocked 14,000 IoT-based malware attempts per month.

Key Findings:

Unauthorised IoT devices on the rise:

The top unauthorised IoT devices Zscaler observed include digital home assistants, TV set-top boxes, IP cameras, smart home devices, smart TVs, smartwatches, and even automotive multimedia systems.

Manufacturing & retail industries top IoT traffic volume 

Manufacturing and retail customers generated the highest IoT traffic volume (56.8%) followed by enterprises (23.7%), entertainment and home automation (15.7%), and healthcare (3.8%). 

Majority of IoT transactions are insecure

83% of IoT-based transactions are occurring over plain-text channels, whereas only 17% are using secure (SSL) channels.

Exponential increase of IoT malware: 

Zscaler blocked 14,000 IoT-based malware attempts per month. That number has increased more than seven times than the May 2019 research.

New exploits emerging to target unauthorized devices: 

New exploits that target IoT devices are popping up all the time, such as the RIFT botnet, which looks for vulnerabilities in network cameras, IP cameras, DVRs, and home routers.


We have entered a new age of IoT device usage within the enterprise,” says Zscaler vice president of security research Deepen Desai. 

“Employees are exposing enterprises to a large swath of threats by using personal devices, accessing home devices, and monitoring personal entities through corporate networks,” says Desai.

“As an industry, we need to implement security strategies that safeguard enterprise networks by removing shadow IoT devices from the attack surface while continuously improving the detection and prevention of attacks that target these devices.”

Organisations around the world are observing this Shadow IoT phenomenon, in which employees are bringing unauthorised devices into the enterprise. 

With an unprecedented increase in unknown and unauthorised devices, IT and security teams often won’t know that these devices are on the corporate network nor how they impact an organisation’s overall security posture, the study finds.

As manufacturers bring more devices to market, the IoT threat landscape and its potential for breaches is expanding and changing.

The incredibly fast pace of IoT devices arriving to the market means organisations are scrambling to gain an understanding of what types of devices are communicating data, and how to secure the IoT ecosystem as a whole. 

From their inception, IoT devices were meant to be disposable, short-term investments due to low acquisition cost, inherent flaws, and the speed with which the device software becomes irrelevant/end-of-life, says Zscaler. 

There is no protocol for continuous testing, updating software, or patching, and yet these devices are all connected to the internet and to many corporate networks.

Over the quarter, Zscaler blocked approximately 42,000 transactions which were IoT-based malware and exploits. 

The top malware families included Mirai, Gafgyt, Rift, Bushido, Demonbot and Pesirai. 

The top destinations connected to by IoT malware families and exploits are the United States, the UK, Russia, The Netherlands and Malaysia.

Story image
The business case for an in-house ethical hacker
Ethical hackers, also known as penetration testers or white-hat hackers, mimic the techniques used by malicious hackers to try and break into computer systems and discover vulnerabilities before the bad guys can exploit them.More
Story image
Nokia: Cyber attacks on internet-connected devices on the rise
Cyberattacks on internet-connected devices continue to rise at an alarming rate due to poor security protections.More
Story image
Revealed: Imperva publishes research on decade old botnet, responsible for millions of attacks
Imperva Research Labs has revealed findings of a six-month intensive investigation into a botnet that has been exploiting CMS vulnerabilities.More
Story image
Financial institutions in APAC region to invest millions in fraud prevention
"The pandemic is creating a lot of uncertainty, but the majority of FIs in APAC recognise that an end to end fraud management platform is strategic to differentiating themselves from the highly disruptive landscape they are playing in."More
Story image
Lumen launches managed security services for APAC market
The new service is designed to provide enterprise businesses with a proactive, connected security strategy to enhance threat detection and protection across endpoints. More
Story image
Businesses left to make decisions based on old, inaccurate data, study finds
"It is more critical than ever that organisations have access to actionable, contextualised, near real-time threat data to power the network and application security tools they use to detect and block malicious actors."More