Mobile devices face a range of significant security threats as they become “critical tools” for both personal and organizational use.
With the rise of “remote work” and “increased reliance on mobile technology,” organizations report that mobile devices are perceived as “less secure than traditional endpoints.”
Zscaler ThreatLabz recently unveiled that mobile remains a top threat vector with “111% spyware growth” while “IoT attacks rise 45%.”
Technical Analysis
CISOs are facing an expanding threat landscape driven by the rise in cyberattacks like “ransomware” and “new SEC requirements for public companies to disclose material breaches.””
Mobile devices,” “IoT,” and “OT systems” have become critical areas of concern. With “96.5% of internet users” accessing the web via mobile devices and “59% of internet traffic” coming from mobile sources.
Due to this scenario, all these platforms are increasingly targeted by threat actors.
The Zscaler ThreatLabz research team analyzed “trends from June 2023 to May 2024,” in which they found a “111% increase in mobile spyware” and a “29% rise in banking malware,” most capable of bypassing MFA.IoT attacks surged by “45% year-over-year,” with a “12% increase in malware payload deliveries” to IoT devices.
The research uncovered over “200 fake apps” on the Google Play Store like “Anatsa banking malware” targeting over “650 financial institutions.”
In the OT sector, once air-gapped systems are now integrated into enterprise networks can expose them to new threats.
Besides this, the most shocking thing is that 50% or more of OT systems run on “end-of-life operating systems” with known vulnerabilities, while risky protocols persist in “east-west OT traffic.”
Free Webinar on How to Protect Small Businesses Against Advanced Cyberthreats -> Watch Here
These findings highlight the urgent need for robust cybersecurity measures across “mobile,” “IoT,” and “OT environments” to combat the evolving threat landscape.In the current threat landscape, “mobile,” “IoT,” and “OT” attacks are escalating globally.
However, in this case, “India” emerges as the primary target for mobile threats which accounted “28% of all attacks,” followed by “the US,” “Canada,” “South Africa,” and “the Netherlands.”
The United States bears the major impact of “IoT attacks,” facing “81% of total incidents,” with “Singapore,” “the UK,” “Germany,” and “Canada” trailing behind.
The manufacturing sector is particularly vulnerable which is experiencing “36% of all IoT malware blocks,” while “transportation (14%)” and the “food, beverage & tobacco industries (11%)” also face significant risks.
Apart from this, the “technology” and “education” sectors are the most targeted.
Since these cyber threats grow more sophisticated so enterprises must implement “robust security measures,” like “zero trust architecture,” to protect their digital assets.
This is primarily crucial as organizations increasingly rely on “IoT” and “OT” connectivity for business operations.
The ISA has issued warnings about threat actors actively targeting OT devices and critical infrastructure.
Recommendations
Here below we have mentioned all the recommendations:-
- Discover, classify, and inventory IoT and OT assets.
- Enable zero trust connectivity.
- Enforce zero trust device segmentation.
- Maintain consistent zero trust security policies.
How to Choose an ultimate Managed SIEM solution for Your Security Team -> Download Free Guide (PDF)