Mobile Cyber Threats Surge, Especially in the US: Zscaler Report Reveals Alarming Trends
SAN JOSE, Calif. – October 15, 2024 – A new report from Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, highlights an alarming rise in mobile and IoT/OT cyber threats. The "Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report," covering the period from June 2023 to May 2024, reveals significant growth in spyware and banking malware, placing an urgent emphasis on the need for enhanced cybersecurity measures across various sectors.
The report uncovers a staggering 111% growth in spyware and a 29% increase in banking malware, suggesting that cybercriminals are exploiting vulnerabilities at an unprecedented rate. With mobile devices and IoT systems becoming critical components of modern operations, organizations are urged to assess and fortify their defenses in these areas.
Key Insights into Cyber Threats
Zscaler’s research reveals troubling statistics about the current state of mobile and IoT security:
-
Growth of Threat Vectors: More than 200 malicious apps were found on the Google Play Store, collectively installed over 8 million times. Additionally, Zscaler blocked 45% more IoT malware transactions compared to the previous year.
-
Targeted Sectors: The technology and education sectors lead with 18% each of the total mobile malware attacks, closely followed by manufacturing at 14%. In the education sector alone, there was a dramatic 136% increase in blocked malicious transactions.
- Geographical Focus: The United States remains the primary target for IoT cyberattacks, comprising 81% of all attacks. The top five countries receiving IoT traffic include the US, Japan, China, Singapore, and Germany.
Deepen Desai, Chief Security Officer at Zscaler, commented on the findings: "Cybercriminals are increasingly targeting legacy exposed assets, which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks. Mobile malware and AI-driven vishing attacks augment that list, making it critical for CISOs and CIOs to prioritize an AI-powered zero-trust solution."
The Financial Motive Behind Mobile Attacks
Mobile attacks driven by financial gain remain a prominent threat. With banking malware attacks increasing by 29% and a dramatic rise of 111% in spyware incidents, it’s evident that cybercriminals are capitalizing on inefficiencies and emerging vulnerabilities.
Notably, Anatsa, an Android banking malware, has targeted over 650 financial institutions across Europe and Asia, especially focusing on users in Germany, Spain, Finland, South Korea, and Singapore.
Vulnerable Dependencies
An important revelation from the report is the vulnerability posed by legacy and end-of-life operating systems within Operational Technology (OT) environments. Historically isolated, these systems are now integrated into enterprise networks, significantly expanding their attack surface. Cyber criminals can exploit flaws in these outdated systems, risking potential lateral movement within networks that further compromises sensitive organizational data and operations.
Securing the Future: Recommendations for Organizations
As hybrid work models become the norm, organizations must retire outdated network-centric security approaches that limit productivity and increase exposure to cyber threats. Instead, embracing a zero trust architecture is recommended to ensure secure access from any location to any application.
Zscaler emphasizes that initiatives powered by the Zero Trust Exchange can significantly enhance IoT and OT security. This includes:
- Device Segmentation: Isolating devices to limit the potential for intrusions.
- Deception Techniques: Employing strategies that mislead cyber attackers.
By adopting these advanced security measures, organizations can better protect themselves against evolving threats while ensuring operational efficiency.
The 2024 Mobile, IoT, and OT Threat Report serves as a crucial reminder for enterprises to enhance their cybersecurity framework to defend against mobile endpoints, IoT devices, and OT systems. For a more detailed examination, download the full report here.
About Zscaler
Zscaler assists organizations in their digital transformation journey by providing a solution that is agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of global customers against cyber threats and data loss by securely connecting users, devices, and applications, regardless of location.
As the landscape of cyber threats continues to evolve, what steps is your organization taking to safeguard its technology? Share your thoughts in the comments below or reach out to us on social media.
For more insights into cybersecurity trends and best practices, visit our articles on Shorty-News, and stay informed with authoritative sources such as TechCrunch and Wired.
This article is a synthesis of the latest findings from Zscaler’s research, ensuring accurate information is conveyed to our tech-savvy audience. Let’s continue the conversation on how we can tackle these challenges together.
