Zscaler has released its Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report, which examines the evolving cyber threat landscape affecting mobile, IoT, and OT systems from June 2023 to May 2024.
The report highlights the pressing need for organisations to reassess and strengthen their security measures for mobile devices, IoT, and OT systems. ThreatLabz identified over 200 malicious apps on the Google Play Store, collectively installed more than 8 million times, while Zscaler’s Cloud platform recorded a 45% rise in blocked IoT malware transactions, signalling the continued spread of botnets across IoT networks.
“Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT and OT environments, resulting in data breaches and ransomware attacks,” said Deepen Desai, Chief Security Officer at Zscaler. “Mobile malware and AI driven vishing attacks adds to that list making it critical for CISOs and CIOs to prioritize an AI powered zero trust solution to shut down attack vectors of all kinds safeguarding against these attacks.”
Financially motivated attacks on the rise
The report highlights financially motivated mobile attacks as a key threat, with banking malware incidents rising by 29% and spyware by 111% year on year. Threat actors are increasingly profiting from these attacks, either through direct extortion or by selling stolen personally identifiable information (PII) and user credentials for future exploitation.
Anatsa, an established Android banking malware that spreads through PDF and QR code readers, has targeted over 650 financial institutions, with users in Germany, Spain, Finland, South Korea, and Singapore being particularly affected.
The technology, education, and manufacturing sectors were the top targets of mobile malware, each accounting for 18%, 18%, and 14% of blocked transactions, respectively. Education saw a dramatic 136% increase in blocked malware compared to the previous year.
For the second consecutive year, the manufacturing sector experienced the highest volume of IoT malware attacks, making up 36% of all IoT malware blocks on Zscaler’s Zero Trust Exchange platform. This sector is characterised by its heavy use of IoT applications, ranging from automation and process monitoring to supply chain management, which creates a significant attack surface.
The US remains the primary target for IoT cyber attacks
As a central hub for global communications and data processing, the United States remains the top target for IoT cyberattacks, accounting for 81% of IoT-related traffic. The countries most frequently targeted by IoT cyberattacks are:
- United States
- Japan
- China
- Singapore
- Germany
India has now emerged as the country most affected by mobile malware, accounting for 28% of attacks, followed by the United States, Canada, South Africa, and the Netherlands.
Vulnerabilities in legacy OT systems
Previously isolated from the internet, operational technology (OT) systems are now integrated into enterprise networks, expanding their attack surface. The large number of connected devices within OT environments makes them vulnerable to external threats, including zero-day vulnerabilities. Furthermore, this increased connectivity also raises the risk of lateral movement within OT networks, potentially amplifying the impact of a successful attack.
In today’s hybrid work environment, where employees can access Cloud and private applications from anywhere, organisations must move away from traditional network-centric approaches, which are susceptible to lateral movement and hinder productivity. Instead, a zero trust architecture is essential for securing remote access from any device, to any application, regardless of location.
The 2024 Mobile, IoT, and OT Threat Report underscores the importance for organisations to better secure their mobile devices, IoT infrastructure, and OT environments.
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.