Cloud security company Zscaler (NASDAQ: ZS) has concluded that its customers are now generating more than 1 billion IoT transactions per month in the Zscaler cloud, a 1,500 percent increase since Zscaler’s May 2019 report. By analyzing two weeks of this traffic through the Zscaler cloud, Zscaler found 553 different IoT devices across 21 categories from 212 manufacturers. Unauthorized IoT devices turn out to be on the rise.
Organizations around the world are observing this Shadow IoT phenomenon, in which employees bring unauthorized devices into the enterprise, stated Zscaler in its second annual Internet of Things (IoT) report, IoT Devices in the Enterprise 2020: Shadow IoT Threat Emerges. With this onslaught of unknown and unauthorized devices, IT and security teams often won’t know that these devices are on the corporate network or how they affect an organization’s overall security posture.
Manufacturing and retail customers generated the highest IoT traffic volume (56.8%) followed by enterprises (23.7%), entertainment and home automation (15.7%), and healthcare (3.8%). The majority of these IoT transactions are insecure, according to Zscaler. 83 percent of IoT-based transactions are occurring over plain-text channels, whereas only 17 percent are using secure (SSL) channels.
IoT Malware, RIFT Botnet
There seems to be an exponential increase in IoT malware. Zscaler blocked 14,000 IoT-based malware attempts per month. That number has increased more than sevenfold since Zscaler’s May 2019 research.
New exploits are emerging to target unauthorized devices, stated Zscaler. Exploits that target IoT devices are popping up all the time, such as the RIFT botnet, which looks for vulnerabilities in network cameras, IP cameras, DVRs, and home routers.
“We have entered a new age of IoT device usage within the enterprise,” said Deepen Desai, Vice President of Security Research, Zscaler. “Employees are exposing enterprises to a large swath of threats by using personal devices, accessing home devices, and monitoring personal entities through corporate networks. As an industry, we need to implement security strategies that safeguard enterprise networks by removing shadow IoT devices from the attack surface while continuously improving detection and prevention of attacks that target these devices.”
Over the quarter, Zscaler blocked approximately 42,000 transactions that were IoT-based malware and exploits. The top malware families included Mirai, Gafgyt, Rift, Bushido, Demonbot and Pesirai. The top destinations connected to by IoT malware families and exploits are the United States, the UK, Russia, the Netherlands and Malaysia.
In response to the growing threat posed by Shadow IoT devices brought into the enterprise, IT organizations must first gain visibility into the unauthorized IoT devices that are already inside the network, according to Zscaler. Organizations should be considering a Zero Trust approach, stated the company, ensuring that any communication between devices and people is with known entities and is within the organization’s policy, in order to reduce the IoT attack surface.
Used in more than 185 countries, Zscaler operates a multi-tenant distributed cloud security platform, protecting thousands of customers from cyberattacks and data loss. Its flagship services, Zscaler Internet Access and Zscaler Private Access, would create fast, secured connections between users and applications, regardless of device, location, or network.