With many more people teleworking in 2020 due to the COVID-19 pandemic, cyberattack surfaces changed and expanded, and as many worked from home with Internet of Things (IoT) devices abandoned at the office, threat actors took advantage. Part of the fallout from those realities, according to two Zscaler studies, was that malware attacks on IoT devices connected to corporate networks increased by 700 percent year-over-year in 2020, compared to the firm’s 2019 study.
The issue is a global one, as the study found attacks targeted businesses in Ireland, the United States, and China the most. The majority of attacks originated in China, the United States, and India. The vast majority of attacks came from just two malware families used in botnet attacks, with groups Gafgyt and Mirai representing 97 percent of the 900 malware payloads Zscaler’s cloud blocked on IoT devices.
“Throughout 2020 and well into 2021, the COVID-19 pandemic left many corporate offices eerily quiet and devoid of employees,” the company’s report says. “But despite the lack of people, these buildings were still buzzing with activity under the surface. The buildings themselves weren’t the only things left abandoned: smartwatches, digital signage, networked printers, and many other IoT devices were still connected to the network – refreshing data, performing functions, awaiting commands.”
“Threat actors took notice, and many attempted to take advantage. In the midst of the enormous global shift to work-from-anywhere … that translates to a staggering 833 IoT malware blocked every hour,” the report continues.
The victims of these malware attacks were focused in three industries: technology, manufacturing, and research and wholesale. The three industries accounted for a staggering 98 percent of attack victims, the report says.