Zimperium published a report unveiling new data and comprehensive analysis of the state of mobile security worldwide.
In 2021, the Zimperium zLabs team discovered threats impacting 10 million mobile devices in at least 214 countries. Mobile malware was the most prevalent threat, encountered by nearly 1 in 4 mobile endpoints within the global customer base. Throughout the year, the team detected 2,034,217 new mobile malware samples in the wild, equating to an average of nearly 36,000 new strains of malware a week and over 5,000 a day.
“In two short years, our work environment became way more complex and sophisticated than it was at the beginning of 2020. Distributed and hybrid workforces, ever-connected devices, high speed 5G connectivity, and increased critical data access from remote locations have spread enterprises worldwide,” said Shridhar Mittal, Zimperium’s CEO.
“This level of mobile connectivity will remain the expectation for workers, customers, and enterprises for decades to come, but today’s cybersecurity was not built to support these environments – and attackers know it. Organizations need to come to terms with how to effectively secure this new reality, and this research will provide critical visibility and insights to help get there.”
Combining a mountain of mobile threat data for full visibility
According to Google, exploited zero-day vulnerabilities used in active attacks against mobile endpoints skyrocketed in 2021 by 466% year over year. In addition, new data from Zimperium demonstrates the growing threat posed by different mobile attack vectors, such as phishing. From 2019 to 2021, Zimperium analyzed more than 500,000 phishing sites and found that the number of mobile-specific phishing websites grew by 50%. Further, over the course of 2021, 75% of the phishing sites Zimperium analyzed specifically targeted mobile devices.
Over the past two years, attackers have also exhibited an increasing sophistication in their methods for executing phishing attacks. For example, the percentage of phishing sites using HTTPS has grown steadily, from less than 40% in 2019 to nearly 60% in 2021, making it increasingly difficult for users to distinguish these sites from those that are legitimate.
State of mobile security: Mobile attack methods by region
While the report provides an extensive, worldwide snapshot of the current state of mobile threats, it also dissects the data to show differences in regional environments. This shows how savvy attackers adapt the tactics they use based on the mobile environment and perceived vulnerabilities in different regions.
The data, inclusive of all threats and risks detected and prevented among enterprise clients, exposes the pervasiveness of different tactics from around the globe, giving organizations valuable insight into regional landscapes.
- In North America, the top tactics used by attackers closely mirrored global averages with 22% of mobile devices encountering malware in 2021, compared to 23% globally. “Man in the middle” attacks were the next most common vector, hitting 13% of devices and matching the global average.
- In Asia, 26% of mobile devices encountered malicious websites in 2021, making users there more than twice as likely to be targeted by malicious sites than the worldwide average (12%). In addition, at least 1 in 4 mobile enterprise devices encountered at least one phishing attack in 2021.
- In both Europe and South America, 19% of mobile users encountered network reconnaissance through scans, potentially revealing critical data about their devices, compared to only 12% of devices that encountered scans globally.
Overall, the data in the report shows the diversity in risks, threats, and attacks targeting mobile endpoints on a global scale. Mobile malware continues to dominate the threat landscape, acting as the most efficient and effective method to attack, compromise, and steal from mobile endpoints. Network-based attacks are also incredibly effective and prominent, taking advantage of the mobile phone’s big differentiator – the ability to always be connected.
With the rise in remote and distributed workers and customers, enterprises need to prepare and secure against an ever-changing landscape of threats based on where their employees, apps, and data are in the world. The modern attack surface has grown, and threats to enterprises continue to be prevalent and effective against unsecured devices.