6 key insights into mobile and IoT/OT attack trends

The role of the CISO continues to expand due to the increasing number of breaches and cyberattacks such as ransomware, as well as the SEC’s requirements for public organizations to disclose material breaches.

The fastest-changing frontiers in enterprise cybersecurity include mobile systems, the Internet of Things (IoT), and operational technology (OT) systems. Today, 96.5% of people access the Internet using a mobile device, while 59% of Internet traffic is generated via mobile devices. Meanwhile, OT and cyber-physical systems, once air-gapped and isolated from the Internet, have quickly become integrated into corporate networks where threats can proliferate.

To shed light on this emerging threat landscape, the Zscaler ThreatLabz research team conducted a detailed analysis of mobile and IoT/OT attack trends from June 2023 to May 2024.

Overall, ThreatLabz saw an increase in financially motivated mobile attacks – with a 111% growth in spyware and 29% growth in banking malware – most of which can bypass multifactor authentication (MFA). Meanwhile, IoT attacks increased 45% year-over-year, and ThreatLabz identified pervasive security risks in OT environments.

Below we summarize the key findings of the report. Download the Zscaler ThreatLabz 2024 Mobile, IoT and OT Threat Report for a comprehensive understanding of mobile and IoT/OT trends, case studies and best practices to protect your business.

Top mobile and IoT/OT trends

  1. Increase in financially motivated mobile threats, including a 111% increase in spyware and a 29% increase in banking malware.
    • Despite an overall decline in Android attacks, financially motivated mobile threats are on the rise, with most able to bypass MFA.
  2. IoT attacks increased 45% compared to our 2023 report based on blocked attempts in the Zscaler cloud.
    • Zscaler blocked 45% more IoT malware transactions than last year. ThreatLabz also observed a 12% increase in attempts to deliver malware (payload deliveries) to IoT devices.
  3. ThreatLabz discovered over 200 fake apps in the Google Play Store.
    • This includes Anatsa, a well-known Android banking malware that targeted more than 650 financial institutions by using PDF and QR code readers to spread.
  4. Older and outdated operating systems (OS) make OT systems vulnerable.
    • OT and cyber-physical systems, previously air-gapped and isolated from the Internet, are increasingly integrated into corporate networks, leading to the proliferation of threats.
    • In an analysis of large-scale OT deployments, ThreatLabz found that 50% or more of OT systems use an end-of-life operating system, many with known vulnerabilities. East-West OT traffic is now teeming with risky protocols and services.

Top mobile and IoT/OT targets

5. India was the main target of mobile attacks, accounting for 28% of all attacks, followed by the US, Canada, South Africa and the Netherlands. The United States remains the main target of IoT attacks, accounting for 81% of all attacks, followed by Singapore, the United Kingdom, Germany and Canada.

6. Manufacturing experienced the highest volume of IoT attacks, accounting for 36% of all IoT malware blocks observed, followed by transportation (14%) and food, beverage and tobacco (11%). The technology and education sectors were the most affected by mobile threats.

Secure mobile, IoT, and OT with zero trust

As cyberattacks targeting mobile and IoT/OT resources become more sophisticated, companies need a way to reduce cyber risk while leveraging IoT and OT connectivity to drive their business. In fact, not only are IoT attacks increasing, but threat actors are also actively targeting OT devices and critical infrastructure, something CISA has warned about. Meanwhile, enterprises need a way to reliably secure mobile connectivity to any SaaS or private application, whether in the cloud or in the data center. To protect these devices and systems, organizations should adopt a zero trust approach that mitigates cyber threats and improves their security posture:

  • Discover, classify and inventory IoT and OT assets: Work to gain complete visibility into your IoT and OT attack surface. This includes discovering, classifying and inventorying both managed and unmanaged or “shadow” devices. With such a holistic view, defenders can prioritize their efforts, identify key vulnerabilities and develop a proactive approach to securing these assets.
  • Enable zero trust connectivity: Leverage a robust zero trust architecture that enables adaptive access decisions based on the real-time security status of user devices, risk factors and device telemetry, ensuring secure direct connectivity between endpoints and applications, never to the underlying network.
  • Enforce zero trust device segmentation: Apply least privilege access controls for device-to-application, user-to-application, and application-to-application segmentation. This granular level of segmentation eliminates lateral movement, minimizes data exposure, and strengthens your overall security posture by reducing the risk of a single compromised device compromising the entire network. This should include isolating and fully segmenting agentless IoT/OT devices into a secure “Network of One,” including legacy servers and headless machines.
  • Maintain consistent zero trust security policies: Ensure zero trust access policies are consistently enforced across all environments, whether users are at headquarters, at branch locations, or accessing applications remotely.

With mobile and IoT/OT threats on the rise, it’s important to understand the latest trends, the impact of these types of attacks, and the best practice strategies you can adopt to protect your organization from a variety of threats.

Get your copy of the Zscaler ThreatLabz 2024 Mobile, IoT and OT Threat Report today.