Zimperium has released its Global Mobile Threat Report 2023. This shows continued growth of the ‘mobile-powered business’ along with the increasingly sophisticated security risks facing it.
The Global Mobile Threat Report 2023 examines the most important trends that shaped the mobile security landscape over the last year and draws on the research from Zimperium’s zLabs researchers, as well as third-party industry data, partner insights, and observations from leading industry influencers.
The mobile-powered initiatives of today’s enterprises and government agencies are under attack says the report. The rise in mobile-powered businesses is opening the door to vulnerability gaps that are being specifically targeted by cybercriminals and nation-states.
Key findings include:
- Phishing attacks against mobile devices are growing. 80 percent of phishing sites target mobile devices specifically or are designed to function both on desktop and mobile. Meanwhile, the average user is six to ten times more likely to fall for SMS phishing attacks than email-based attacks.
- EMEA and North America have the highest percentage of devices being impacted by spyware, with EMEA at 35 percent and North America at 25 percent.
- Both Apple and Android saw increasing instances of detected vulnerabilities. There was a 138 percent increase in critical Android vulnerabilities discovered in 2022, while Apple iOS accounted for 80 percent of the zero-day vulnerabilities actively being exploited in the wild.
- Malware is continuing to proliferate rapidly. Between 2021 and 2022, the total number of unique mobile malware samples rose 51 percent, with more than 920,000 samples detected.
- In 2021, Zimperium detected malware on 1 out of 50 Android devices. It increased significantly in 2022 to 1 out of every 20 devices.
“The explosive growth in mobile device and app usage has created an ever-growing attack surface,” said Shridhar Mittal, CEO of Zimperium. “Mobile devices are integral to the way we work, communicate, navigate, bank, and stay informed - creating new opportunities for malware. Last year’s Global Mobile Threat Report revealed that 60 percent of the endpoints accessing enterprise assets were mobile devices, and this does not seem to be slowing down. Mobile-powered businesses must increase mobile security measures to protect the personal data security of employees and the sensitive information belonging to the organization.”