Malware attacks against Internet of Things (IoT) and Operational Technology (OT) devices have quadrupled in a year as criminals demonstrate perseverance and the ability to adapt to changing circumstances, new research shows.
The Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report, based on an analysis of approximately 300,000 blocked attacks on IoT devices over a six-month period, shows just how ruthless threat actors are.
According to the report, the attackers mainly target older vulnerabilities. Of the 39 most popular IoT exploits, 34 target flaws that have existed in these devices for at least three years. In two-thirds of all attacks (66%), threat actors attempted to deploy Mirai and Gafgyt, popular malware families that assimilate vulnerable devices into a botnet that can later be used for distributed denial of service (DDoS) attacks.
Manufacturing and retail
Botnet-driven DDoS attacks are causing “billions of dollars” in financial losses in industries around the world, the report claims. Furthermore, DDoSing OT devices can disrupt critical industrial processes, potentially even endangering human lives.
More than half of IoT device traffic comes from manufacturing and retail companies (52%), with 3D printers, geolocation trackers, industrial control equipment, automotive multimedia systems, data collection terminals and payment terminals sending the majority of signals over digital networks.
At the same time, the manufacturing sector experiences an average of 6,000 IoT malware attacks every week. Another sector that can’t catch its breath from a constant barrage of malware attacks is education. This is mainly because the education sector stores vast amounts of sensitive information that cybercriminals can exploit in various ways. The report claims that IoT malware attacks in the education sector have increased by almost 1000%.
Most infections this year (46%) occurred in Mexico, followed by Brazil and Colombia (in no particular order). Nearly all IoT malware (96%) is spread from compromised IoT devices in the United States.