Cybersecurity firm Zscaler’s latest report, entitled 2025 Mobile, IoT & OT Threat Report, disclosed a significant increase of cyberattacks on Android mobile gadgets used in critical infrastructure sectors in 2024. Mobile attacks on the energy industry increased by 387%. It increased by 224% in the healthcare industry and 111% in the manufacturing industry.
The Zscaler ThreatLabz team analyzed the June 2024 to May 2025 data collected from clients’ Internet of Things (IoT) and mobile devices. Most manufacturing, healthcare, transportation, and smart cities today run their businesses using mobile, IoT, and OT systems and use them for worldwide connectivity. Cyber attackers are taking advantage of the increasing use of mobile gadgets, the growth of internet connectivity, and the surge of hybrid and remote employment.
Attacks on mobile devices to obtain preliminary access increased. From January to May 2025, Android malware transactions grew by 67%. Google reported 42 million downloads of 239 malicious Android applications in its Play Store. Therefore, Google adjusted controls to stop malicious apps from being uploaded to its Play Store. However, attackers can easily avoid those controls and target mobile gadgets.
Because the manufacturing and healthcare industries use IoT devices for company operations, their attack surface has increased, making them an easy target for threat actors. IoT devices typically have security weaknesses that attackers can target to access company systems and interrupt functions. Usually, malware families like Mirai, Mozi are utilized for delivering malicious payload and botnet expansion.
Since critical infrastructure industries such as energy and healthcare are interconnected, and these industries play an important part in daily life and community safety, advanced cyber campaigns frequently attack these industries. Threat actors are targeting these fields for the greatest impact and monetary gain.
Zscaler says that in 2026, AI-driven attacks, including hyper-targeted phishing campaigns, will continue to rise. It may be difficult to recognize AI-driven attacks, so AI-driven security may be necessary. IoT and OT ransomware attacks will probably continue to increase, specifically in the manufacturing, power, and healthcare industries.
Zscaler believes that attackers will still target mobile applications as supply chain attack vectors, especially third-party mobile app development channels, to put malicious code in generally trusted programs, which will require routine assessment of app permissions and actions. Sectors such as healthcare, including HIPAA-covered entities, that have experienced a substantial rise in attacks need efficient mobile device protection.
As per Zscaler, it is necessary to implement zero-trust architectures to protect against these advanced threats. Use zero-trust frameworks for web-facing gadgets such as routers and any edge systems.
Image credit: maurice norbert, AdobeStock
