IoT malware attacks rise 400% this year

New Delhi Malware attacks against Internet of Things (IoT) and Operational Technology (OT) devices have increased by 400 per cent this year when compared to the previous year, a new report showed on Wednesday.

The report by the cloud security company Zscaler, which analysed approximately 3 lakh blocked attacks on IoT devices over a six-month period, highlighted the relentless nature of cyber threat actors, revealing that attackers are primarily targeting legacy vulnerabilities.

“Weak enforcement of security standards for IoT device manufacturers coupled with the proliferation of shadow IoT devices at the enterprise level poses a significant threat to global organisations. Often, threat actors target ‘unmanaged and unpatched’ devices to gain an initial foothold into the environment,” said Deepen Desai, Global CISO and Head of Security Research, Zscaler.

The researchers indicated that cybercriminals are targeting legacy vulnerabilities, with 34 of the 39 most popular IoT exploits specifically directed at vulnerabilities that have existed for over three years.

The 'Mirai' and 'Gafgyt' malware families continue to account for 66 per cent of attack payloads, creating botnets from infected IoT devices that are then used to launch denial-of-service (DDoS) attacks against lucrative businesses, according to the report.

Manufacturing and retail accounted for nearly 52 per cent of IoT device traffic, with 3D printers, geolocation trackers, industrial control devices, automotive multimedia systems, data collection terminals, and payment terminals sending the majority of signals over digital networks.