Zscaler sees 45% increase in IoT malware transactions
- October 23, 2024
- Steve Rogerson

Californian cyber-security company Zscaler’s annual threat report calls for organisations to re-evaluate and secure mobile devices, IoT devices and OT systems.
And it has identified more than 200 malicious apps in the Google Play Store, with over eight million installs.
The annual ThreatLabz report highlights mobile, IoT and OT cyber-security trends, risks and prescriptive zero-trust defence strategies.
Zscaler specialises in cloud security. Its ThreatLabz 2024 report offers an overview of the mobile, IoT and OT cyber threat landscape from June 2023 to May 2024, during which the Zscaler cloud blocked 45% more IoT malware transactions than last year, indicative of botnets continuing to proliferate across IoT devices.
“Cyber criminals are increasingly targeting legacy exposed assets, which often act as a beachhead to IoT and OT environments, resulting in data breaches and ransomware attacks,” said Deepen Desai, chief security officer at Zscaler. “Mobile malware and AI driven vishing attacks add to that list making it critical for CISOs and CIOs to prioritise an AI powered zero trust solution to shut down attack vectors of all kinds, safeguarding against these attacks.”
With 29% growth in banking malware attacks and a 111% rise in spyware year over year, cyber attacks have never been more profitable for threat actors, either through monetary gain via direct extortion or passthrough use of stolen personally identifiable information (PII) and user credentials that can be sold and leveraged in future attacks.
Anatsa (www.zscaler.com/blogs/security-research/technical-analysis-anatsa-campaigns-android-banking-malware-active-google), a known Android banking malware that uses PDF and QR code readers to distribute malware, has targeted more than 650 financial institutions and, more specifically, users in Germany, Spain, Finland, South Korea and Singapore.
The technology (18%), education (18%) and manufacturing (14%) sectors are the most frequent targets of mobile malware. Education in particular saw a 136% increase in blocked transactions compared with the previous year.
Additionally, for the second year in a row, manufacturing experienced the highest volume of IoT malware attacks, accounting for 36% of all IoT malware blocks observed on the Zscaler Zero Trust Exchange platform. When analysing unique devices across different verticals, this sector stands out with the highest implementation of IoT devices due to its extensive use of IoT applications, ranging from automation and process monitoring to supply-chain management.
The USA remains the top target for IoT cyber attacks. With its central role in global communication and data processes, the USA also stands out as the primary destination for IoT device traffic, accounting for 81% of IoT cyber attacks. The top five countries that receive the most IoT traffic are the USA, Japan, China, Singapore and Germany.
The report also revealed that India (28%) is now the country most targeted by mobile malware. The other four are the USA, Canada, South Africa and the Netherlands.
Once air-gapped and isolated from the internet, OT and cyber-physical systems have rapidly become integrated into enterprise networks, enabling threats to proliferate. OT deployments can involve thousands of connected devices spread across dozens of sites, creating a large attack surface for external threats, such as those that exploit known zero-day vulnerabilities. This also creates a large attack surface across internal (east-west) OT traffic, increasing the risk of lateral movement and the potential blast radius of a successful attack.
With today’s hybrid-work environments, users can work from anywhere with internet access, SaaS apps and private applications, whether in the cloud or a data centre. To enable secure hybrid work and provide seamless access to any application, enterprises need to retire network-centric approaches, which hamper productivity and leave them vulnerable to lateral movement. Instead, organisations should adopt a zero-trust architecture that enables secure remote access from any user device to any application, from any location.
Zscaler for IoT and OT (www.zscaler.com/products-and-solutions/secure-your-ot-and-iot) helps enterprises reduce cyber risk while embracing IoT and OT connectivity to drive business agility and increase productivity. Powered by the Zero Trust Exchange, these capabilities protect IoT devices against compromise and prevent lateral movement with device segmentation and deception, all while allowing for remote access to OT systems without risky VPN connectivity.
The findings of the report stress the need for organisations to secure their mobile endpoints, IoT devices and OT systems. Download the full report at www.zscaler.com/campaign/threatlabz-mobile-iot-ot-report.
The ThreatLabz team analysed a data set collected from the Zscaler Security Cloud between June 2023 and May 2024, comprising more than 20 billion threat-related mobile transactions and associated cyber threats.