The responsibilities of the Chief Information Security Officer (CISO) are evolving significantly, influenced by the increase in data breaches and cyber threats such as ransomware, along with the Securities and Exchange Commission (SEC) mandates for public companies to report significant breaches.
Among the most rapidly changing areas in enterprise cybersecurity are mobile devices, the internet of things (IoT), and operational technology (OT) systems. Currently, a staggering 96.5% of users connect to the internet using mobile devices, which account for 59% of all internet traffic. At the same time, systems once isolated from the internet, like OT and cyber-physical systems, have integrated into corporate networks, creating new opportunities for threats to escalate.
In order to provide insights into this expanding threat landscape, the Zscaler ThreatLabz research team undertook a comprehensive analysis of attack trends related to mobile devices and IoT/OT systems from June 2023 to May 2024.
In summary, ThreatLabz observed a surge in financially motivated mobile attacks, noting a 111% increase in spyware incidents and a 29% rise in banking malware, with a majority of these attacks capable of evading multifactor authentication (MFA). Concurrently, attacks on IoT devices rose by 45% year-over-year, and ThreatLabz highlighted significant security vulnerabilities within OT environments.
In the following sections, we will highlight the essential insights from the report. For a detailed overview of the trends in mobile and IoT/OT, along with case studies and effective strategies to safeguard your organization, feel free to access the Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report.
5. India emerged as the primary target for mobile attacks, experiencing 28% of the global total. This was closely followed by the United States, Canada, South Africa, and the Netherlands. When it comes to IoT attacks, the United States stands out as the most targeted nation, suffering 81% of all attacks, with Singapore, the UK, Germany, and Canada trailing behind.
6. The manufacturing sector faced the greatest number of IoT attacks, representing 36% of all reported IoT malware blocks. This was succeeded by the transportation sector at 14%, and food, beverage, and tobacco industries at 11%. Additionally, mobile threats primarily targeted the technology and education sectors.
Zscaler
As cyber threats that target mobile devices and IoT/OT assets evolve and become more complex, organizations must find effective ways to minimize cyber risks while leveraging IoT and OT connectivity to enhance their business. The rise in IoT-related attacks has been notable, with malicious actors increasingly focusing on OT devices and critical infrastructure, as highlighted by warnings from CISA. Concurrently, businesses require a strong solution to secure mobile access to any SaaS or private application, whether it resides in the cloud or within their data centers. To safeguard these devices and systems effectively, organizations should consider implementing a zero trust strategy that reduces cyber threats and strengthens their overall security posture:
As threats to mobile and IoT/OT systems continue to rise, it is essential to stay informed about the latest trends, understand the implications of these attacks, and adopt best-practice measures to protect your organization from a wide array of threats.
Download your version of the Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report today.
