IoT Malware Infections Increased by 700% Amid COVID-19 Pandemic
Most of the Risky IoT Traffic Came from Manufacturing and Retail Devices, Including 3D Printers, Barcode Readers, and Payment Terminal Devices.
Last updated on July 16, 2021
According to a new study on the state of IoT devices left on corporate networks during the COVID-19 pandemic, these devices are a major source of security compromise.
Zscaler researchers analyzed over 575 million device transactions and 300,000 IoT malware attacks blocked over the course of two weeks in December 2020. A 700% increase was observed when compared to pre-pandemic findings.
These attacks targeted 553 different device types, including printers, digital signage, and smart TVs, all connected to and communicating with corporate IT networks while many employees were working remotely during the COVID-19 pandemic.
The research team identified the most vulnerable IoT devices, most common attack origins and destinations, and the malware families responsible for the majority of malicious traffic to better help enterprises protect their valuable data.
Despite much of the global workforce working from home, IoT malware on corporate networks has increased by 700% since 2019;
Due to their variety, low percentage of encrypted communication, and connections to suspicious destinations, entertainment and home automation devices posed the most risk;
Gafgyt and Mirai, malware families popularly used in botnets, accounted for 97% of the IoT malware payloads;
Technology, manufacturing, retail & wholesale, and healthcare industries accounted for 98% of IoT attack victims;
Most attacks originated in China, the United States, and India, while most targets for IoT attacks were in Ireland, the United States, and China.
The researchers also observed that 76% of total transactions from IoT devices occurred over plain-text channels, with only 24% of transactions occurring over secure encrypted channels.
While this ratio seems unacceptably low, it is almost a 3x improvement from our 2019 study, in which only 8.5 percent of IoT communications were encrypted. Nonetheless, the security risk persists: plaintext communications are much easier for attackers to spy on or, worse, to intercept and modify, allowing them to exploit the IoT devices for malicious purposes.
Even strong passwords and custom usernames can be vulnerable to a dictionary or brute-force attack. Such an attack bombards a login page with countless password combinations until one of them is right.
iPhones, for instance, have a setting that locks PIN authentication after too many attempts. At the 10th attempt, it completely wipes the device.
IoT devices with good built-in security should have a similar option you can use to ensure their login integrity.
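A sketch of the kind of lockout setting described above, as an added example rather than code from any device or vendor: a per-account throttle that locks logins after repeated failures and doubles the lock period on each new lockout. The class name, the thresholds and the `verify` callback are assumptions made for illustration.

```python
import time


class LoginThrottle:
    """Per-account lockout with a lock period that doubles on each lockout."""

    def __init__(self, max_failures=5, base_lock_s=30, max_lock_s=3600,
                 clock=time.monotonic):
        self.max_failures = max_failures  # consecutive failures before locking
        self.base_lock_s = base_lock_s    # length of the first lock, in seconds
        self.max_lock_s = max_lock_s      # upper bound on any single lock
        self.clock = clock                # injectable so the logic can be tested
        self._state = {}  # account -> (failures, lockouts so far, locked_until)

    def locked_for(self, account):
        """Seconds the account stays locked (0.0 if it is not locked)."""
        _, _, until = self._state.get(account, (0, 0, 0.0))
        return max(0.0, until - self.clock())

    def attempt(self, account, password, verify):
        """Handle one login attempt; returns 'ok', 'denied' or 'locked'."""
        if self.locked_for(account) > 0:
            # During a lock the password is never checked, so even a correct
            # guess tells the attacker nothing.
            return "locked"
        if verify(account, password):
            self._state.pop(account, None)  # success clears the history
            return "ok"
        failures, lockouts, _ = self._state.get(account, (0, 0, 0.0))
        failures += 1
        until = 0.0
        if failures >= self.max_failures:
            lock = min(self.base_lock_s * 2 ** lockouts, self.max_lock_s)
            until = self.clock() + lock
            lockouts += 1
            failures = 0
        self._state[account] = (failures, lockouts, until)
        return "denied"


if __name__ == "__main__":
    # Constructed sample: a short guess list against one account.
    throttle = LoginThrottle(max_failures=3)
    check = lambda account, password: password == "correct horse"
    for guess in ["admin", "12345", "password", "correct horse"]:
        print(guess, "->", throttle.attempt("camera-admin", guess, check))
    print("locked for", round(throttle.locked_for("camera-admin")), "seconds")
```

With these settings the fourth guess is rejected as locked even though it is the right password, which is what makes a guess list impractical to run against the login.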
The Internet of Things has lagged behind other services in implementing two-factor authentication, but as the industry matures, the feature will become more and more prevalent.
In the meantime, be sure to activate it whenever your devices support it.
Physical Weaknesses in IoT Devices
Sometimes, all it takes to infect a PC is to plug a USB stick into it and let Windows autorun the USB, and by implication the malware. The same principle applies to smart devices. If a device has a USB port, all a malicious hacker has to do is plug a stick in, wait a bit, and that’s it.
If you can, place your device so that plugging a USB stick into it isn’t a straightforward process.
Most smart devices work by communicating with a central server, Internet network, or smartphone. Unfortunately, the information isn’t properly encrypted in most cases. Either the devices are too small to carry a strong processor, or the manufacturer decided to cut costs (including security features).
Whenever available, we strongly recommend you activate the option to encrypt the data the device sends and receives.
Create A Second Network for Your IoT Devices
A good way to secure your smart devices is to create a separate network for them to communicate in.
If you want to control your smart devices from your phone, you’ll need to switch between Wi-Fi networks to control your IoT network.
Secure Your Home Wi-Fi
Your Wi-Fi router is one of the first attack points for a malicious hacker. To make sure it is secure, we suggest you do the following:
Use a strong and secure password.
Change your username, and make it non-recognizable. Don’t make it easy for an attacker to identify which Wi-Fi is yours.
Set up a firewall to protect your Wi-Fi. In most cases, the firewall will be software-based, but some routers come with a preinstalled hardware firewall.
Disable guest network access for your wireless network.
Disconnect the Device from the Internet When You Don’t Use It
Devices such as Smart TVs don’t need to be permanently connected to the Internet. By keeping them off the Internet, you limit the time interval in which a cybercriminal could attempt to break their security.
Cezarina is the Head of Marketing Communications and PR within Heimdal® and a cybersecurity enthusiast who loves bringing her background in content marketing, UX, and data analysis together into one job. She has a fondness for all things SEO and is always open to receiving suggestions, comments, or questions.