Zscaler’s ThreatLabz 2024 Mobile, IoT, and OT Threat Report reveals significant cybersecurity risks in the mobile and IoT/OT landscape. Key findings include:
1. Over 200 malicious apps identified in the Google Play Store with 8+ million installs.
2. 111% growth in spyware and 29% growth in banking malware.
3. 45% increase in IoT malware transactions blocked by Zscaler cloud.
4. Technology, education, and manufacturing sectors most targeted.
5. The US remains the top target for IoT cyberattacks, while India leads in mobile malware threats.
The report emphasizes the need for organizations to adopt zero trust architecture to secure mobile devices, IoT devices, and OT systems in today’s hybrid-work environments.
Il rapporto 2024 su minacce mobili, IoT e OT di Zscaler’s ThreatLabz rivela rischi significativi per la cybersecurity nel panorama mobile e IoT/OT. Le principali scoperte includono:
1. Oltre 200 app malevole identificate nel Google Play Store con più di 8 milioni di installazioni.
2. Crescita del 111% del spyware e del 29% del malware bancario.
3. Aumento del 45% delle transazioni di malware IoT bloccate dal cloud Zscaler.
4. I settori della tecnologia, dell’istruzione e della manifattura sono i più bersagliati.
5. Gli Stati Uniti rimangono il principale obiettivo degli attacchi informatici IoT, mentre l’India guida le minacce di malware mobile.
Il rapporto sottolinea la necessità per le organizzazioni di adottare architetture di fiducia zero per proteggere dispositivi mobili, dispositivi IoT e sistemi OT negli attuali ambienti di lavoro ibridi.
El informe de amenazas móviles, IoT y OT 2024 de Zscaler’s ThreatLabz revela riesgos significativos de ciberseguridad en el panorama móvil y de IoT/OT. Los hallazgos clave incluyen:
1. Más de 200 aplicaciones maliciosas identificadas en Google Play Store con más de 8 millones de instalaciones.
2. Un crecimiento del 111% en spyware y del 29% en malware bancario.
3. Un aumento del 45% en las transacciones de malware IoT bloqueadas por la nube de Zscaler.
4. Los sectores de tecnología, educación y manufactura son los más atacados.
5. Estados Unidos sigue siendo el principal objetivo de los ciberataques IoT, mientras que India lidera en amenazas de malware móvil.
El informe enfatiza la necesidad de que las organizaciones adopten arquitectura de confianza cero para asegurar dispositivos móviles, dispositivos IoT y sistemas OT en los entornos de trabajo híbridos de hoy.
Zscaler의 ThreatLabz 2024 모바일, IoT 및 OT 위협 보고서는 중대한 사이버 보안 위험을 모바일 및 IoT/OT 환경에서 드러냅니다. 주요 발견 사항은 다음과 같습니다:
1. Google Play Store에서 200개 이상의 악성 앱이 확인되었으며, 설치 수는 800만 건 이상입니다.
2. 스파이웨어는 111% 증가하고, 은행 악성코드는 29% 증가했습니다.
3. Zscaler 클라우드에 의해 차단된 IoT 악성코드 거래가 45% 증가했습니다.
4. 기술, 교육 및 제조 분야가 가장 큰 타겟입니다.
5. 미국은 IoT 사이버 공격의 주요 대상이며, 인도는 모바일 악성코드 위협에서 선두를 달리고 있습니다.
보고서는 조직이 오늘날 혼합 근무 환경에서 모바일 장치, IoT 장치 및 OT 시스템을 보호하기 위해 제로 트러스트 아키텍처를 채택해야 한다고 강조합니다.
Le rapport 2024 sur les menaces mobiles, IoT et OT de Zscaler’s ThreatLabz révèle des risques significatifs en matière de cybersécurité dans le paysage mobile et IoT/OT. Les principales conclusions comprennent :
1. Plus de 200 applications malveillantes identifiées dans le Google Play Store avec plus de 8 millions d’installations.
2. Croissance de 111 % des logiciels espions et 29 % des logiciels malveillants bancaires.
3. Augmentation de 45 % des transactions de logiciels malveillants IoT bloquées par le cloud Zscaler.
4. Les secteurs de la technologie, de l’éducation et de la fabrication sont les plus ciblés.
5. Les États-Unis restent la principale cible des cyberattaques IoT, tandis que l’Inde est en tête des menaces de logiciels malveillants mobiles.
Le rapport souligne la nécessité pour les organisations d’adopter une architecture de confiance zéro pour sécuriser les appareils mobiles, les appareils IoT et les systèmes OT dans les environnements de travail hybrides d’aujourd’hui.
Der ThreatLabz 2024 Bericht über mobile, IoT- und OT-Bedrohungen von Zscaler offenbart signifikante Cybersecurity-Risiken im mobilen und IoT/OT-Bereich. Wichtige Erkenntnisse umfassen:
1. Über 200 bösartige Apps wurden im Google Play Store identifiziert, mit über 8 Millionen Installationen.
2. 111 % Zuwachs bei Spionage-Software und 29 % Zuwachs bei Bankmalware.
3. 45 % Anstieg der IoT-Malware-Transaktionen, die von der Zscaler-Cloud blockiert wurden.
4. Die Sektoren Technologie, Bildung und Fertigung sind am stärksten betroffen.
5. Die USA bleiben das Hauptziel für IoT-Cyberangriffe, während Indien bei Bedrohungen durch mobile Malware führend ist.
Der Bericht betont die Notwendigkeit für Organisationen, Zero-Trust-Architekturen zu übernehmen, um mobile Geräte, IoT-Geräte und OT-Systeme in den heutigen Hybridarbeitsumgebungen abzusichern.
Positive
- Zscaler’s cloud blocked 45% more IoT malware transactions compared to the previous year
- Zscaler offers zero trust architecture solutions to protect against mobile, IoT, and OT threats
Negative
- Identification of over 200 malicious apps in Google Play Store with 8+ million installs
- 111% increase in spyware and 29% growth in banking malware year-over-year
- Technology, education, and manufacturing sectors are most susceptible to cyberattacks
- The United States remains the primary target for IoT cyberattacks, accounting for 81% of attacks
Insights
The report reveals significant cybersecurity threats in the mobile and IoT/OT landscape. The identification of over 200 malicious apps with 8 million+ installs in the Google Play Store is alarming. This, coupled with a
Key sectors at risk include technology, education and manufacturing, with education seeing a staggering
For investors, this data underscores the growing demand for robust cybersecurity solutions, particularly in mobile and IoT/OT sectors. Zscaler’s position as a leader in cloud security and its Zero Trust Exchange platform could be viewed favorably in light of these trends. However, the persistent and evolving nature of these threats also highlights the ongoing challenges in the cybersecurity landscape.
This report offers valuable insights into the cybersecurity market dynamics. The substantial growth in mobile malware, especially in banking (
For Zscaler, this data could translate to increased demand for their services, potentially driving revenue growth. The company’s focus on zero trust architecture aligns well with the current threat landscape, especially given the vulnerabilities in IoT and OT systems highlighted in the report.
Investors should note the global nature of these threats, with countries like India emerging as prime targets for mobile malware. This geographic diversity in cyber threats could open up new market opportunities for cybersecurity firms operating internationally.
Annual ThreatLabz Report Highlights Mobile, IoT, and OT Cybersecurity Trends, Risks, and Prescriptive Zero Trust Defense Strategies
Key Findings:
- Mobile remains a top threat vector, with
111% growth in spyware and29% growth in banking malware - Technology, education, and manufacturing sectors continue to be most susceptible to attacks
- The United States remains the top target for IoT, OT, and mobile cybersecurity attacks
SAN JOSE, Calif., Oct. 15, 2024 (GLOBE NEWSWIRE) — Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today published its Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report, which offers an overview of the mobile and IoT/OT cyber threat landscape from June 2023 through May 2024. The findings in this report stress the urgency for organizations to reevaluate and secure mobile devices, IoT devices and OT systems. ThreatLabz identified more than 200 malicious apps in the Google Play Store, with more than 8 million collective installs, and the Zscaler cloud blocked
“Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT & OT environments, resulting in data breaches and ransomware attacks,” said Deepen Desai, Chief Security Officer at Zscaler. “Mobile malware and AI driven vishing attacks adds to that list making it critical for CISOs and CIOs to prioritize an AI powered zero trust solution to shut down attack vectors of all kinds safeguarding against these attacks.”
Financially motivated mobile attacks remain a top threat vector
With
Anatsa, a known Android banking malware that uses PDF and QR code readers to distribute malware, has targeted more than 650 financial institutions, and more specifically, users in Germany, Spain, Finland, South Korea and Singapore.
Verticals most targeted by bad actors
The technology (
Additionally, for the second year in a row, manufacturing experienced the highest volume of IoT malware attacks, accounting for
The United States remains the top target for IoT cyberattacks
With its central role in global communication and data processes, the US also stands out as the primary destination for IoT device traffic, accounting for
- United States
- Japan
- China
- Singapore
- Germany
The report also revealed that India (
- United States
- Canada
- South Africa
- The Netherlands
Legacy and end-of-life operating systems leave OT systems vulnerable
Once air-gapped and isolated from the internet, OT and cyber-physical systems have rapidly become integrated into enterprise networks, enabling threats to proliferate. OT deployments can involve thousands of connected devices spread across dozens of sites, creating a substantial attack surface for external threats, such as those that exploit known zero-day vulnerabilities. Additionally, this also creates a large attack surface between internal (east-west) OT traffic, increasing the risk of lateral movement and the potential blast radius of a successful attack.
How to secure mobile, IoT and OT
With today’s hybrid-work environments, users can work from anywhere with internet access, SaaS apps and private applications, whether in the cloud or the data center. To enable secure hybrid work and provide seamless access to any application, enterprises need to retire network-centric approaches, which hamper productivity and leave them vulnerable to lateral movement. Instead, organizations must adopt a zero trust architecture that enables secure remote access from any user device to any application, from any location.
Zscaler for IoT and OT enables enterprises to reduce cyber risk while embracing IoT and OT connectivity to drive business agility and increase productivity. Powered by the Zero Trust Exchange, these capabilities protect IoT devices against compromise and prevent lateral movement with device segmentation and deception–all while allowing for remote access to OT systems without risky VPN connectivity.
The findings of the 2024 Mobile, IoT, and OT Threat Report stress the need for organizations to better secure their mobile endpoints, IoT devices, and OT systems. Download the full report here.
Research Methodology
The Zscaler ThreatLabz team analyzed a data set collected from the Zscaler Security Cloud between June 2023 and May 2024, comprising more than 20 billion threat-related mobile transactions and associated cyberthreats.
About Zscaler
Zscaler (NASDAQ: ZS) accelerates digital transformation so customers can be more agile, efficient, resilient, and secure. The Zscaler Zero Trust Exchange™ platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Distributed across more than 150 data centers globally, the SSE-based Zero Trust Exchange is the world’s largest in-line cloud security platform.
Media Contact:
Zscaler PR
Natalia Wodecki
press@zscaler.com
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/6430484e-f976-4e51-9584-160090d397e6
FAQ
What are the key findings of Zscaler’s 2024 Mobile, IoT, and OT Threat Report?
The report identified over 200 malicious apps in Google Play Store with 8+ million installs, 111% growth in spyware, 29% growth in banking malware, and a 45% increase in IoT malware transactions blocked by Zscaler cloud. Technology, education, and manufacturing sectors were most targeted, with the US being the top target for IoT cyberattacks.
How has the growth of mobile malware affected Zscaler’s (ZS) cybersecurity findings in 2024?
Zscaler’s (ZS) 2024 report shows a significant increase in mobile malware, with a 111% rise in spyware and 29% growth in banking malware year-over-year. This indicates that financially motivated mobile attacks remain a top threat vector for cybercriminals.
Which sectors are most targeted by cyberattacks according to Zscaler’s (ZS) 2024 report?
According to Zscaler’s (ZS) 2024 report, the technology (18%), education (18%), and manufacturing (14%) sectors are the most frequent targets of mobile malware. The education sector saw a 136% increase in blocked transactions compared to the previous year.
What solution does Zscaler (ZS) recommend to address the cybersecurity risks identified in their 2024 report?
Zscaler (ZS) recommends adopting a zero trust architecture to secure mobile devices, IoT devices, and OT systems. This approach enables secure remote access from any user device to any application, from any location, without relying on risky VPN connectivity.