Zscaler’s releases the second annual Internet of Things (IoT) report, IoT Devices in The Enterprise 2020: Shadow IoT Threat Emerge.
Zscaler customers are now generating
more than 1 billion IoT transactions per month in the Zscaler™ cloud, which
amounts to a 1,500 percent increase since Zscaler’s May 2019 report. By
analysing two weeks of this traffic through Zscaler cloud, Zscaler found 553
different IoT devices across 21 categories from 212 manufacturers.
Organisations around the world are observing this Shadow IoT phenomenon, where
employees are bringing unauthorised devices into the enterprise. With this
onslaught of unknown and unauthorised devices, IT and security teams often
won’t know these devices are on the corporate network nor how they impact an
organization’s overall security posture.
Key Findings:
- Unauthorised IoT Devices on the Rise: The top unauthorised IoT devices Zscaler observed include digital home assistants, TV set-top boxes, IP cameras, smart home devices, smart TVs, smart watches, and even automotive multimedia systems.
- Manufacturing & Retail Industries Top IoT Traffic Volume: Manufacturing and retail customers generated the highest IoT traffic volume (56.8%) followed by enterprises (23.7%), entertainment and home automation (15.7%), and healthcare (3.8%).
- Majority of IoT Transactions are Insecure: 83 percent of IoT-based transactions are occurring over plain-text channels, whereas only 17 percent are using secure (SSL) channels.
- Exponential Increase of IoT Malware: Zscaler blocked 14,000 IoT-based malware attempts per month. That number has increased more than seven times than the May 2019 research.
- New Exploits Emerging to Target Unauthorized Devices: New exploits that target IoT devices are popping up all the time, such as the RIFT botnet, which looks for vulnerabilities in network cameras, IP cameras, DVRs, and home routers.