Researchers saw a significant rise in attacks on Internet of Things (IoT) devices during the COVID-19 pandemic. During the two-week period in December 2020, around 300,000 attacks were attempted on these devices.
In a new report by Zscaler, the number of infections caused by the Internet of Things (IoT) malware was sharply higher compared to pre-pandemic telemetry. The company’s analysis revealed that the rate of attacks against these devices had increased by a factor of 700%.
The majority of the infections came from the Gafgyt and Mirai families, which are known to infect hundreds of thousands of IoT devices like printers, digital signs, and smart TVs.
Most of the attacks came from China (60%), and the US and India followed closely behind. Technology, manufacturing, retail, and healthcare organizations received the biggest share of the attacks.
According to ZScaler’s telemetry data, more than three-quarters of the Internet of Things devices were communicating through unencrypted channels, which suggests that a majority of transactions are conducted without the proper protections, researchers say.
“For more than a year, most corporate offices have stood mostly abandoned as employees continued to work remotely during the COVID-19 pandemic. However, our service teams noted that despite a lack of employees, enterprise networks were still buzzing with IoT activity,” Deepen Desai, CISO of Zscaler, said in a statement. Over three-quarters of IoT devices were communicating via unencrypted channels, “meaning that a majority of IoT transactions pose great risk to the business,” he added.
Most of the risky devices identified by researchers were set-top boxes (29%), smart TVs (20%), and smartwatches (15%). And most of the vulnerable IoT traffic came from retail and manufacturing devices, which includes 3D printers, barcode readers, and payment terminals.
The full report is available here.