Zscaler warns industrial operations face mounting risk as IoT, OT attacks surge across energy, manufacturing sectors
Zscaler ThreatLabz reported a 67% surge in Android malware, with 40% of IoT attacks now targeting critical industries and hybrid work environments. Critical infrastructure in the energy sector experienced a 387% increase in attacks compared to the previous year.
This comes as mobile, IoT, and OT (operational technology) systems have become the backbone of business operations today, enabling innovation and powering critical infrastructure across industries. While mobile devices dominate global connectivity, IoT and OT systems keep manufacturing, healthcare, transportation, and smart cities running.
Year after year, ThreatLabz has observed that routers are a primary target for IoT exploitation. Threat actors exploit vulnerabilities to execute commands, propagate malware, and expand botnets. Netgear routers are an especially popular target, and the commonly observed exploitation methods include command injection via API endpoint URLs and directory traversal techniques to access sensitive subdirectories. These attacks often exploit unauthenticated remote code execution (RCE) vulnerabilities that allow hackers to bypass authentication and execute scripts remotely.
Payloads like Mirai, the most popular malware targeting IoT devices, are frequently deployed to recruit compromised devices into botnets, which then enable network-wide control for DDoS (distributed denial of service) attacks or further propagation. Additional exploits, such as those targeting ‘Parks Fiberlike’ and D-Link routers, indicate that router exploitation by threat actors shows no signs of slowing down.
Supply chain vulnerabilities further complicate the security landscape, as compromised hardware, firmware, or third-party dependencies introduce new entry points for attackers. Securing cellular-connected devices with SIM-level traffic inspection mitigates unauthorized access and reduces the attack surface associated with insecure IoT adoption. Mobile endpoints, widely used in government applications, face escalating risks from phishing, smishing, and exploitation of telecom stacks.