IoT (Internet of Things) and OT (Operational Technology) have transformed how IT teams interact with devices via the Internet. While offering efficiency, insights, and customer experience benefits for organizations, the devices are at significant risk because they lack built-in security measures, thereby making it easier for hackers to exploit their vulnerabilities.
Recently, Zscaler’s ThreatLabz team identified a 400% growth in IoT malware attacks, suggesting organizations still have some work left to do in combating future attacks with appropriate security measures.
The ThreatLabz 2023 Enterprise IoT and OT Threat Report explores IoT/OT device traffic and malware targeting these devices and offers security best practices for preventing these attacks. It puts the convergence of IoT and OT driven by digital transformation in the spotlight to raise awareness for endangered sectors such as manufacturing and utilities to take action.
A Breakdown on Attacks
During January and June 2023, Zscaler analyzed approximately 300,000 blocked attacks on IoT devices and found a concerning surge in IoT malware attacks. According to the results, devices driving business operations generated the most IoT traffic, with 52% of the surveyed transactions coming from data collection terminals, like wireless barcode readers used in manufacturing, engineering, logistics, and warehousing applications.
The manufacturing sector saw the most substantial surge in malware attacks- more than three times the attacks as any other sector. This surge in adoption underscores the industry’s dedication to embracing advanced automation and digitization, positioning it as a frontrunner in leveraging IoT/OT for enhanced production efficiency, product quality, and innovation.
However, the education sector had the sharpest increase in malware attacks, increasing nearly 1000%. Educational institutions are considered ‘soft targets’ because of the wealth of personal data stored on their networks, leaving both students and educational institutions vulnerable.
The transition to remote learning has considerably widened the attack surface for hackers and the proliferation of unsecured IoT devices within school networks has provided attackers with easier access points.
Routers were the primary targets of attacks at 67%. They are attractive targets due to their central position in networks, continuous internet connectivity, widespread use of default credentials, and susceptibility to firmware vulnerabilities.
Best Practices for IoT/OT Security
As the adoption of connected devices continues to rise, it is imperative for organizations to take proactive steps in bolstering IoT/OT security.
1. Be aware of devices that are connected to your network.
Maintain comprehensive visibility into all IoT devices, including unmanaged devices, by utilizing solutions that analyze network logs to monitor communications and activity.
Continuous visibility and awareness of what is connected to the network at all times is critical, no matter where devices are located.
2. Use MFA to protect admin credentials
Multi-factor authentication (MFA) requires users to enter a secondary mode of verification in addition to their password, such as biometric authentication like a fingerprint or facial recognition.
This extra layer of security can prevent attackers from gaining access to user accounts if they have obtained credentials, preventing lateral threat movement from compromised user devices.
3. Inspect encrypted traffic
Malware attacks commonly use encrypted channels, which often are not inspected, making it easy for even moderately sophisticated attackers to bypass security controls. Organizations must inspect all encrypted traffic to prevent attackers from compromising systems.
4. Train employees on IoT/OT security
Educate employees about the risks of connecting unauthorized devices to the network. Encourage them to report any new devices they connect and conduct security awareness training to help employees identify and avoid attacks on user devices.
Listen to the podcast: The Current State of Cybersecurity
How Zero Trust Security Can Change the Game
Provide a more effective and robust way to protect against cyber threats by assuming that no devices can be trusted and to restrict unfettered access to the network.
Zero trust is grounded on this exact premise — no device, user, or workload is inherently trustworthy, whether they are inside or outside the corporate network. Its architecture is key to preventing unplanned downtime and ensuring maximum productivity in OT industrial processes.
A zero-trust architecture can minimize attack surfaces, eliminate lateral movement, and help to significantly improve the protection of IoT/OT infrastructure.
As IoT and OT continue to advance, so do the strategies and methods of cyber attackers. By staying informed and implementing robust security measures, such as zero trust architectures to their existing cybersecurity stack, organizations can harness the full potential of these technologies while mitigating the associated risks.
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.