While the pandemic forced employees to work from home, most of their IoT devices were left behind connected to the corporate networks. Unpatched flaws in these connected devices provided a gateway for intruders to break into corporate systems. A recent survey by cloud security provider Zscaler analyzed the state of IoT devices that are still in the offices, while the employees are working remotely.
The survey “IoT in the Enterprise: Empty Office Edition” examined over 575 million device operations and 300,000 malware attacks on IoT devices, which Zscaler had blocked in December 2020. Nearly 76% of these IoT devices are still connected and maintaining communication with the company’s network on unencrypted plain text channels, posing severe security risks to businesses.
As per the survey findings, cyberattacks on connected devices surged by 700%, compared to the pre-pandemic period. Unauthorized IoT intrusions targeted over 553 different device types, including smart printers, smart TVs, cameras, and other connected devices linked to corporate IT networks.
Most Targeted Devices
The majority of the IoT attacks focused on set-top boxes (29%), smart TVs (20%), and smartwatches (15%). The home entertainment and automation sector reported the fewest attacks compared to the health care, manufacturing, and enterprise sectors. Most attack traffic was reported on IoT devices in the manufacturing and retail sectors (59%), including GPS trackers, 3D printers, automotive multimedia systems, barcode readers, PoS terminals, and other data collection devices.
The countries most targeted in these IoT attacks were Ireland (48%), the U.S. (32%), and China (14%). Also, 90% of the affected IoT devices were found transferring information to servers located in China (56%), the U.S. (19%), or India (14%).
Unique Malware Attacks
Zscaler’s ThreatLabz team uncovered over 18,000 distinct hosts and 900 unique IoT malware variants in just a 15-day timeframe. The research team found new malware families, Gafgyt and Mirai, which are known for hijacking IoT devices to create botnets and spread malware.
“For more than a year, most corporate offices have stood mostly abandoned as employees continued to work remotely during the COVID-19 pandemic. However, our service teams noted that despite a lack of employees, enterprise networks were still buzzing with IoT activity. The volume and variety of IoT devices connected to corporate networks are vast and include everything from musical lamps to IP cameras,” said Deepen Desai, CISO of Zscaler.
Mitigation
Organizations should develop an IoT threat mitigation plan and practice basic security measures to mitigate the risks from vulnerable IoT devices. These include:
- Monitor and get complete visibility into all the IoT devices in the network.
- Always use strong passwords rather than keeping default ones.
- Fix unpatched vulnerabilities before attackers exploit them.
- Implement a zero-trust policy. Monitor and enforce a strict authentication policy to keep shadow IoT devices off the company’s network.
- Implement a strong device verification process before allowing a Bring Your Own Device (BYOD) policy.