224% Increase in Healthcare Sector Attacks Targeting Mobile Gadgets

Cybersecurity company Zscaler’s new report revealed that cyberattacks on Android mobile devices in critical infrastructure industries significantly increased in 2024. The energy sector had the biggest increase in mobile attacks with 387%, followed by healthcare with 224% and manufacturing with 111%.

The Zscaler ThreatLabz team reviewed data compiled from clients’ mobile and Internet of Things (IoT) devices from June 2024 to May 2025. It published the results of the study in Zscaler’s 2025 Mobile, IoT & OT Threat Report. Manufacturing, transportation, healthcare, and smart cities now use mobile, IoT, and OT systems for business operations and global connectivity. Cyber attackers are exploiting the growing usage of mobile devices, the expansion of web connectivity, and the rise in hybrid and remote working.

Attacks that target mobile devices to gain initial access have increased. Android malware transactions increased by 67% from January to May this year as Google Play Store users downloaded 239 malicious Android applications 42 million times. Google has set controls to stop the upload of malicious apps to its Play Store, but attackers are able to evade those controls and attack mobile devices.

Industries like manufacturing and healthcare use IoT devices for business operations, which drastically increases the attack surface and makes it easy for threat actors to attack them. IoT devices usually have security vulnerabilities that could be targeted to break into company systems and disrupt operations. Most often, malware families such as Mozi, Mirai, and Gafgyt are used for malicious payload delivery and botnet expansion.

Because of the interconnectedness of critical infrastructure industries like energy and healthcare, and the crucial part these industries play in everyday life and public safety, sophisticated cyber campaigns often target these industries. Attackers are targeting these industries for maximum impact and financial profit.

Zscaler states that 2026 will continue to see a rise in AI-driven attacks, which include hyper-targeted phishing campaigns. AI-driven attacks can be hard to identify and necessitate AI-driven protection. IoT and OT ransomware attacks will likely keep increasing, particularly in the energy, manufacturing, and healthcare sectors.

Zscaler thinks that attackers will continue to target mobile apps as supply chain attack vectors, particularly by using third-party mobile application development channels to insert malicious code into generally trusted applications. This will call for regular evaluation of app permissions and activities. Industries, including healthcare, that have encountered a significant increase in attacks must have an effective mobile device security system. Healthcare providers need to include awareness about these cyberattacks in their HIPAA training.

According to Zscaler, the implementation of zero-trust architectures is a necessary defense against these sophisticated threats. It is very important to put in place zero-trust frameworks for internet-facing devices like routers and other edge systems.

Image credit: Kiattisak, AdobeStock


Posted by

John Blacksmith

John Blacksmith is a journalist with several years’ experience in both print and online publications. John has specialised in information technology in the healthcare sector and in particular in healthcare data security and privacy. His focus on healthcare data means he has specialist knowledge of the HIPAA regulations. John has a degree in journalism and many years’ experience.