Zscaler Determines 700 Percent Growth of IoT Malware on Corporate Networks

Zscaler released a new research report in which it analyzed common security holes found in Internet of Things (IoT) deployments. The company’s ThreatLabz threat-research team’s “IoT in the Enterprise Report: Empty Office Edition” noted that a “staggering” 833 IoT malware attacks are blocked, each hour, by the Zscaler cloud.

The report, in particular, seeks to answer the question: “What happens when employees abandon their smart devices at work?”

Using data collected between December 14 and 31, 2020, Zscaler focused on two areas:

  • Conducting an IoT device fingerprinting study to identify devices and traffic.
  • Analyzing IoT malware based on data collected from the Zscaler cloud.

Key findings include a 700 percent Y2Y increase in IoT malware on corporate networks; the majority of risks stemming from entertainment and home automation devices; 76 percent of IoT communications occurring on an unencrypted or plain-text channel; and the Gafgyt and Mirai malware families accounting for 97 percent of blocked malware payloads. The study also indicated that 98 percent of IoT attacks occurred within the technology, manufacturing, healthcare, and retail and wholesale sectors, with most penetrations originating in China, the U.S.. Most-targeted countries included Ireland, the U.S. and China.