Cybersecurity Report Reveals Surging Threats to Mobile and IoT Devices
As cyber threats continue to escalate, the latest findings reveal alarming growth in mobile and IoT vulnerabilities. A recently published report by Zscaler, Inc. indicates that mobile remains a predominant threat vector, with a staggering 111% increase in spyware and a 29% rise in banking malware from June 2023 to May 2024. This significant growth signals an urgent need for organizations to enhance their security measures across all digital platforms.
Key Findings from the Zscaler ThreatLabz 2024 Report
On October 15, 2024, Zscaler, a leader in cloud security solutions, released its comprehensive Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report. This report provides a thorough overview of the status quo in mobile and IoT cybersecurity threats. It highlights a few critical areas of concern:
-
Proliferation of Malicious Apps: The report identified over 200 malicious applications available on the Google Play Store, racking up more than 8 million total installations. Additionally, Zscaler’s cloud infrastructure blocked a staggering 45% more IoT malware transactions than in the previous year, demonstrating the ongoing megatrends in cyber threats.
- Targeting of Vulnerable Sectors: The technology, education, and manufacturing sectors emerged as the most frequent targets, with both technology and education sectors experiencing a substantial rise in mobile malware activity. Education alone saw a 136% increase in blocked transactions year-on-year.
The United States: A Prime Target
The United States continues to hold the title as the top target for IoT cyberattacks, accounting for 81% of IoT-related malicious traffic. The escalating number of threats aimed at this countries amplifies calls for organizations across various sectors to re-evaluate their cybersecurity strategies.
Deepen Desai, Chief Security Officer at Zscaler, stressed, “Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks. Mobile malware and AI-driven vishing attacks add to the growing threat landscape, making it critical for organizations to implement AI-powered zero trust solutions to safeguard their assets.”
Financially Driven Cyber Attacks
A particularly concerning trend revealed in the report is the continued financial motivation behind mobile attacks. With an alarming 29% growth in banking malware attacks and an extraordinary rise of 111% in spyware year-on-year, it’s evident that threat actors have discovered lucrative financial opportunities. Known Android malware, Anatsa, which exploits PDF and QR code readers, has been implicated in targeting over 650 financial institutions in various regions, including Germany, Spain, and South Korea.
Most Affected Sectors
- Technology: 18%
- Education: 18%
- Manufacturing: 14%
The manufacturing sector, in particular, has witnessed the highest volume of IoT malware attacks for the second consecutive year, accounting for 36% of total IoT malware blocks observed on Zscaler’s Zero Trust Exchange™.
The Vulnerability of OT Systems
Organizations’ operational technologies (OT), once deemed secure, are now increasingly integrated into enterprise networks, leading to exposure to external threats. Devices connected across this sprawling infrastructure present opportunities for attackers to exploit known vulnerabilities. The report reveals that legacy systems remain particularly susceptible, thereby urging organizations to adopt a layered approach toward cybersecurity.
Securing Mobile, IoT, and OT Environments
Given the shift towards hybrid work models, Zscaler advocates for the transition from outdated network-centric approaches to a zero trust architecture. This new paradigm promotes secure remote access for any user device across any application, thereby enhancing productivity while reducing risk.
Zscaler’s solutions for IoT and OT environments enable effective risk reduction while supporting seamless connectivity. The Zero Trust Exchange platform plays a pivotal role in safeguarding IoT devices against threats while facilitating remote access without relying on risky VPN connections.
The findings of the 2024 Mobile, IoT, and OT Threat Report underline the vital necessity for organizations to bolster their protective measures for mobile endpoints, IoT devices, and OT systems in today’s rapidly evolving digital landscape. For further details, the complete report is available here.
The Road Ahead
As cyber threats multiply and grow in complexity, the imperative for organizations to prioritize cybersecurity has never been clearer. Engaging with new security technologies and adopting proactive measures can contribute to a safer digital ecosystem. What strategies is your organization implementing to address these emerging threats? Share your thoughts in the comments below!