ThreatLabz identified more than 200 malicious apps in the Google Play Store with a total of more than eight million downloads. The Zscaler cloud blocked 45 percent more IoT malware transactions than last year, proving that botnets are on the rise in IoT systems.
The report’s findings underscore the urgency for organizations to reassess the security of mobile devices, IoT and OT systems.
“Cybercriminals are increasingly targeting outdated, exposed assets that often serve as a stepping stone into IoT and OT environments. Data breaches and ransomware attacks can be the result,” says Deepen Desai, Chief Security Officer at Zscaler. “Mobile malware and AI-driven vishing add to this list of attack scenarios, which is why AI-powered Zero Trust solutions should be a top priority for CIOs and CISOs to stop all types of attack vectors and protect against these threats.”
Financially motivated mobile attacks remain the top threat vector
With a 29% increase in banking malware attacks and a 111% increase in spyware compared to last year, cyberattacks have never been more profitable for threat actors. Monetary gains are made through direct extortion or by selling stolen personal data and credentials for future attacks.
Anatsa, a well-known Android banking malware that uses PDF and QR code reader apps to spread, has targeted more than 650 financial institutions, with a particular focus on users in Germany, Spain, Finland, South Korea and Singapore.
Vertical sectors targeted by malicious actors
The technology (18%), education (18%) and manufacturing (14%) sectors are the most frequent targets of mobile malware. The education sector in particular saw a dramatic increase of 136% in blocked transactions compared to the previous year.
In addition, the manufacturing industry saw the highest volume of IoT malware attacks for the second year in a row, with 36% of all IoT malware attacks blocked in the Zscaler Zero Trust Exchange platform. When analyzing individual devices across different industries, this sector stands out with the highest deployment of IoT devices. IoT applications are widely used for everything from automation and process monitoring to supply chain management.
The USA as the main target for IoT cyberattacks
Due to its central role in global communication and data processing, the USA generates the most data traffic from IoT devices, and 81% of IoT cyberattacks were observed there. After the USA, the countries with the highest proportion of IoT data traffic include Japan, China, Singapore and Germany. According to the report, India (28%) is the country most affected by mobile malware. It is followed by the USA, Canada, South Africa and the Netherlands.
Outdated operating systems make OT systems vulnerable
OT systems that were previously shielded and isolated from the Internet are becoming a threat propagation vector as they are increasingly integrated into corporate networks. OT deployments can include thousands of connected devices spread across many locations, creating a significant attack surface for zero-day vulnerabilities. The integration of IT with OT also increases internal (east-west) OT traffic, raising the risk of lateral movement and the potential scope of a successful attack.
Greater security for mobile devices, IoT and OT
In hybrid work environments, users work from anywhere and access the internet, SaaS apps and private applications, whether in the cloud or in the data center. To enable secure hybrid working and provide seamless access to any application, organizations need to move away from network-centric approaches, as these limit productivity and are susceptible to lateral movement of malware. Zero Trust architectures ensure secure remote access from any device to any application and from any location.
Zscaler for IoT and OT enables the reduction of cyber risks while providing the connectivity needed for IoT and OT. Business agility is supported and productivity is increased. The Zscaler Zero Trust Exchange platform protects IoT devices from compromise and prevents lateral movement through device segmentation and deception, while enabling remote access to OT systems without risky VPN connections.
The findings of the 2024 Mobile, IoT, and OT Threat Report underline the need for companies to better protect their mobile endpoints, IoT devices and OT systems.
Report Methodology
The Zscaler ThreatLabz team analyzed a dataset collected by the Zscaler Security Cloud between June 2023 and May 2024, covering more than 20 billion threat-related mobile transactions and associated cyberthreats.
(pd/Zscaler)