IoT and Operational Technology (OT) devices have witnessed a staggering four-fold surge in malware attacks within a year, underscoring the tenacity and adaptability of cybercriminals, according to recent findings.
The 2023 Enterprise IoT and OT Threat Report by Zscaler ThreatLabz, which examined around 300,000 thwarted attacks on IoT devices over half a year, sheds light on the unyielding nature of cyber threats.
The study reveals that attackers predominantly target longstanding vulnerabilities. Of the top 39 IoT exploits, 34 leveraged weaknesses present in these devices for over three years. In a significant 66% of these attacks, adversaries attempted to utilize Mirai and Gafgyt, renowned malware strains. These strains convert susceptible devices into a botnet, which can subsequently be harnessed for distributed denial of service (DDoS) onslaughts.
Which sectors are affected the most?
DDoS attacks powered by botnets result in billions of dollars in damages globally across various sectors, as per the report. Moreover, targeting OT devices with DDoS attacks can jeopardize critical industrial operations, potentially endangering human lives.
Manufacturing and retail sectors account for over half (52%) of IoT device traffic. Devices such as 3D printers, geolocation trackers, industrial control systems, car multimedia setups, data collection terminals, and payment kiosks are the primary contributors to this digital network traffic.
The manufacturing industry alone faces an average of 6,000 IoT malware attacks weekly. The education sector, another prime target, is under relentless malware assault, primarily due to the vast reservoir of sensitive data it holds.
This data can be exploited by cybercriminals in various malicious ways. Shockingly, the New YouTube update reveals that IoT malware attacks in the education realm surged by an astounding 1000%.
Geographically, Mexico topped the list with 46% of the year’s infections, closely followed by Brazil and Colombia. Interestingly, a whopping 96% of IoT malware is disseminated from compromised IoT devices located within the United States.
Digital vulnerabilities exposed
The recent surge in malware attacks on Internet of Things (IoT) and Operational Technology (OT) devices underscores a pressing concern in our increasingly connected world. As industries and sectors embrace the conveniences and efficiencies of smart devices, they inadvertently open themselves up to a new frontier of cyber threats.
While manufacturing’s digital transformation accelerates, it’s alarming to see it besieged by an average of 6,000 IoT malware attacks weekly. The education sector’s vulnerability is equally concerning. Institutions, in their bid to modernize and digitize, have become treasure troves of sensitive data, making them attractive targets for cybercriminals.
Geographically, the concentration of infections in Mexico and the significant malware distribution from compromised U.S. devices highlight the global nature of this threat. It’s not just a regional issue; it’s a global one.