Zscaler: India the top target for mobile attacks

Source: Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report. Percentage of mobile attacks by country. 
 

Zscaler, the cloud security provider, has published its Zscaler ThreatLabz 2024 Mobile, IoT, and OT Threat Report. The report offers an overview of the mobile and Internet of Things/operational technology (IoT/OT) cyberthreat landscape from June 2023 through May 2024. 

The report findings stress the urgency for organisations to reevaluate and secure mobile devices, IoT devices and OT systems, Zscaler said. ThreatLabz identified more than 200 malicious apps in the Google Play Store, with more than 8 M collective installs globally. In addition, the Zscaler cloud blocked 45% more IoT malware transactions than last year–indicative of botnets continuing to proliferate across IoT devices. 

"Cybercriminals are increasingly targeting legacy exposed assets which often act as a beachhead to IoT and OT environments, resulting in data breaches and ransomware attacks," said Deepen Desai, CSO at Zscaler. 

"Mobile malware and AI-driven vishing attacks adds to that list, making it critical for CISOs and CIOs to prioritise an AI-powered Zero Trust solution to shut down attack vectors of all kinds safeguarding against these attacks." 

The report revealed that India was the top target globally for mobile attacks, experiencing 28% of all attacks, while Singapore is the top target of IoT attacks in Asia Pacific and Japan (APJ). The top five most-targeted countries in APJ for mobile malware are: 

• India 
• Singapore 
• The Philippines 
• Australia 
• Indonesia 

With a 77% rise in spyware year over year in the region, cyberattacks have never been more profitable for threat actors, either through monetary gain via direct extortion or passthrough use of stolen personally-identifiable information (PII) and user credentials that can be sold and leveraged in future attacks, Zscaler observed. 

Anatsa, a known Android banking malware that uses PDF and QR code readers to distribute malware, has targeted more than 650 financial institutions, and more specifically, users in Singapore, Germany, Spain, Finland, and South Korea. 

With its central role in global communication and data processes, Singapore stands out as the second most-impacted country by IoT attacks after the US, accounting for 5.3% of all attacks globally. The US remains the main target, receiving 81.3% of malicious IoT traffic. 

Globally, the technology (18%), education (18%) and manufacturing (14%) sectors are the most frequent targets of mobile malware. Education in particular saw a dramatic 136% increase in blocked transactions compared to the previous year. Additionally, for the second year in a row, manufacturing experienced the highest volume of IoT malware attacks, accounting for 36% of all IoT malware blocks observed on the Zscaler Zero Trust Exchange platform. 

When analysing unique devices across different verticals, this sector stands out with the highest implementation of IoT devices due to its extensive use of IoT applications, ranging from automation and process monitoring to supply chain management. 

Previously air-gapped and isolated from the Internet, OT and cyberphysical systems have rapidly become integrated into enterprise networks, enabling threats to proliferate, Zscaler added. OT deployments can involve thousands of connected devices spread across dozens of sites, creating a substantial attack surface for external threats, such as those that exploit known zero-day vulnerabilities. Additionally, this also creates a large attack surface between internal (east-west) OT traffic, increasing the risk of lateral movement and the potential blast radius of a successful attack. 

To enable secure hybrid work and provide seamless access to any application, enterprises need to retire network-centric approaches, which hamper productivity and leave them vulnerable to lateral movement, Zscaler advised. Instead, organisations must adopt a Zero Trust architecture that enables secure remote access from any user device to any application, from any location. 

*Research methodology:  The Zscaler ThreatLabz team analysed a data set collected from the Zscaler Security Cloud between June 2023 and May 2024, comprising more than 20 B threat-related mobile transactions and associated cyberthreats.

Explore

Download the Zscaler ThreatLabz 2024 Mobile, IoT, and OT Report at https://www.zscaler.com/campaign/threatlabz-mobile-iot-ot-report (registration required)