Accueil > Etudes, Livres Blancs et présentations sur la veille et l’intelligence > IoT in the enterprise 2020 : Shadow IoT emerges as security (...)

IoT in the enterprise 2020 : Shadow IoT emerges as security threat

vendredi 28 février 2020

The volume of legitimate enterprise IoT trafc is rising, but an analysis of the IoT data stream hitting the Zscaler™ cloud has also uncovered a troubling surge in the amount of unauthorized IoT trafc, or shadow IoT.

83% of IoT transactions are happening over plain text channels, with only 17% using secure (SSL) channels.

The volume of trafc generated by both authorized and unauthorized internet-of-things (IoT) devices is skyrocketing, adding to enterprise security risks, according to an analysis of cloud trafc conducted by Zscaler.

In May 2019, when the Zscaler ThreatLabZ research team released its initial report on IoT trafc generated by its enterprise customer base, the Zscaler cloud was processing 56 million IoT transactions a month. By February 2020, that number had soared to 33 million transactions a day and to an astounding 1 billion IoT transactions per month, which amounts to a 1,500% increase. (Zscaler processes 85 billion internet transactions in a single day, so 33 million IoT transactions represents just a fraction, albeit a rapidly growing fraction, of total trafc.)

By February 2020, the Zscaler cloud was processing 33 million IoT transactions per day and an astounding 1 billion IoT transactions per month.

Just as trafc volumes have surged, so has the amount of IoT-based malware. Zscaler was blocking 2,000 pieces of IoT-based malware per month in May 2019 ; that number has increased seven-fold to 14,000 malware attempts blocked per month.

One of the key fndings in this latest analysis is that as enterprises have embraced mobility and always-on connectivity for employees, the lines have blurred between company-owned and privately owned devices, and between the workplace and the home. In many cases,Retour ligne automatique enterprise IT teams might not even be aware of some of the devices generating IoT trafc, and this new culture of shadow IoT is creating new IoT-based attack vectors for cybercriminals.

Documents joints