Zscaler Reports Surge in Mobile, IoT, and OT Cyber Threat Activity

October 21, 2024

Released on October 17, 2024, the Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report offers a sobering analysis of the contemporary cyber threat landscape. The evaluation covers the period from June 2023 through May 2024, emphasizing the urgent necessity for enterprises to reassess and strengthen their security protocols for mobile devices, IoT (Internet of Things) systems, and OT (Operational Technology) frameworks. One alarming discovery highlighted in the report is the identification of over 200 malicious apps hosted on the Google Play Store, which have collectively amassed more than 8 million downloads. This underscores the ease with which cybercriminals can exploit widely accessible platforms to spread harmful software. Additionally, Zscaler’s cloud service recorded a staggering 45% increase in blocked IoT malware transactions, pointing to the ongoing proliferation of botnets aimed at compromising IoT devices.

The report brings to light the evolving tactics of cybercriminals who are now increasingly leveraging outdated legacy systems as entry points to infiltrate IoT and OT environments. This infiltration has often led to data breaches and ransomware attacks, marking a significant change in the threat dynamics for these sectors. Mobile malware continues to be a serious concern, with a notable surge in financially driven attacks. Specifically, banking malware attacks have swelled by 29%, while spyware attacks have remarkably increased by 111% year over year. The Anatsa Android banking malware has emerged as a particularly nefarious actor, targeting over 650 financial institutions and significantly impacting users in countries such as Germany, Spain, Finland, South Korea, and Singapore.

Rise in Mobile and IoT Attacks

Among the sectors most affected by mobile malware, the technology and education industries occupy the top spots, each witnessing 18% of these threats. The education sector, in particular, has experienced a dramatic 136% increase in blocked malware transactions compared to the previous year. This surge can be attributed to the sector’s rapid transition to digital platforms, making it a lucrative target for cybercriminals. In the manufacturing sector, the relentless march of IoT malware continues to be a significant concern. For the second year in a row, manufacturing has shown the highest volume of IoT malware attacks. Zscaler’s Zero Trust Exchange platform reported that this sector alone accounts for 36% of all IoT malware blocked, a situation exacerbated by the extensive deployment of IoT devices for automation, process monitoring, and supply chain management.

Geographically, the United States remains the primary target for IoT cyberattacks, attracting 81% of all IoT device traffic. This high volume of malicious activity can be linked to the country’s sizable number of connected devices and substantial digital infrastructure. Other nations feeling the brunt of these cyber threats include Japan, China, Singapore, and Germany. Meanwhile, India has emerged as the new hotspot for mobile malware attacks, overtaking previous leaders such as the United States, Canada, South Africa, and the Netherlands. This shift indicates a widening geographic scope of cyber threats, underscoring the global nature of the cyber risk landscape.

Evolving OT Threats and Vulnerabilities

The report also casts a spotlight on the growing vulnerabilities within Operational Technology (OT) systems. Traditionally, OT systems were isolated from the internet, operating within a secure, standalone environment. However, the increasing trend of integrating OT systems into broader enterprise networks has exposed them to external threats. The convergence of IT and OT systems has heightened the risk of cyberattacks, as these systems become more vulnerable to zero-day exploits and other sophisticated attack vectors. The integration also facilitates lateral movement within internal networks, amplifying the potential impact of any breach.

The findings emphasize that the escalating vulnerabilities in OT systems require immediate attention. The shift from isolated to interconnected systems means that legacy security measures are no longer adequate. The threats presented by cybercriminals targeting these systems are becoming increasingly advanced, capable of causing significant disruptions in operational processes. These attacks not only jeopardize data security but also pose serious risks to the physical infrastructure and safety of personnel. As OT systems play a critical role in industries such as manufacturing, energy, and utilities, securing these systems has become a priority for organizations looking to protect their operational continuity and integrity.

Conclusion: Urgency for Enhanced Security

Released on October 17, 2024, the Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report provides a sobering analysis of today’s cyber threat landscape, covering June 2023 to May 2024. The report stresses the urgent need for enterprises to reassess and bolster security protocols for mobile devices, IoT systems, and OT frameworks. Alarmingly, over 200 malicious apps on the Google Play Store, with over 8 million downloads, were identified, demonstrating how easily cybercriminals can exploit accessible platforms to distribute harmful software. Additionally, Zscaler’s cloud service recorded a 45% increase in blocked IoT malware transactions, highlighting the ongoing proliferation of botnets targeting IoT devices.

The report also details evolving cybercriminal tactics, showing a marked increase in the exploitation of outdated legacy systems as entry points to infiltrate IoT and OT environments. This often leads to data breaches and ransomware attacks, marking a significant shift in threat dynamics. Mobile malware remains a severe issue, with financially driven attacks on the rise. Banking malware saw a 29% increase, while spyware attacks surged by 111%. The Anatsa Android banking malware targets over 650 financial institutions, notably affecting users in Germany, Spain, Finland, South Korea, and Singapore.
