Digital.ai has released its annual report, which this year highlighted the risks of ‘in the wild’ applications.
AI-powered enterprise software platform Digital.ai has released its third annual State of App Sec Threat Report, which explores the risks posed by “in the wild” applications, that is apps that have been released and are no longer under the control of the original author.
The report was compiled using data collected from Digital.ai Application Security users globally, throughout the month of January in industries such as banking, media, telecom, manufacturing, gaming and cyber security. The survey made apparent the need for greater app security, as AI, shared attack tactics and scripts make threat actors more dangerous.
Concerning findings
According to the report, the speed at which apps are being produced and the availability of freely dispersed AI tools have given rise to more sophisticated attacks on the part of malicious hackers, as there are increased opportunities to reverse-engineer, analyse and exploit applications at scale.
The results show that, of those surveyed, 83pc of applications are under constant attack, a figure nearly one-fifth higher than the previous years numbers, with sectors such as telecoms (91pc), financial services (87pc), automotive (86pc) and healthcare (78pc), the most affected.
Essentially, these apps were either run in an unsafe environment, via a jailbroken or rooted phone, debugger or emulator, or were probed for weaknesses and in worst case scenarios, actively tampered with. While traditionally, apps that run on an android system were found to be targeted more often, with a rise in advanced exploitation techniques, Digital.ai found that the gap is narrowing, with iOS attacks increasing to 88pc.
Commenting on the survey, Derek Holt, the CEO of Digital.ai, said, “We live in an app-first world that is shaping our lives, dominating brands and transforming daily interactions between businesses and consumers. For enterprises, apps represent a gainful bridge to their consumers and employees, but for threat actors, these apps represent lucrative targets.
“Today, we see more attackers expanding their focus to target not just flagship apps but secondary apps, plugins, add-ons and more. As AI exponentially increases the capabilities of threat actors, businesses must dramatically increase their ability to protect and monitor all applications against reverse engineering, tampering, and man-in-the-middle attacks. Delivering applications without these security protections is like leaving your front door unlocked and wide open.”
Increased awareness
Digital.ai’s report indicated that despite certain sectors being of key focus to threat actors and malicious behaviours, no sector is immune, as less targeted industries such as healthcare and automotive are at significant risk. As highlighted, there are three coinciding trends potentially contributing to the growing frequency in attacks across the board.
Firstly, as tool democratisation expands and reverse-engineering tech continues to attract large communities of users, people with less than honest intent may share ideas, tips and tricks for unethical cyber activity. Secondly AI has obviously infiltrated virtually all aspects of working life in the tech space. While it has many uses for the greater good, it can also be deployed by threat actors to develop malware and harmful source code.
Lastly, as apps grow at an unprecedented rate, not only does the widening attack surface increase the number of assaults, providing a fertile ground in which threat actors can thrive, it may also expose vulnerable security coverage. “White-hat and black-hat hackers typically learn by doing and the rapidly escalating number of apps offer ample opportunities to hone their skills.”
Cybersecurity is an ever important element of an organisation and the individuals day-to-day, with every app posing a risk if improperly managed, even post-download. Different regions will have their own specific issues. EMEA for example, has a high attack rate, influenced strongly by its mass fintech adoption and stringent regulatory requirements.
However, GDPR, heightened awareness and privacy concerns have led to mature security programmes that work to quickly and efficiently detect an attack. In other regions, there are reportedly low instances of attack reporting, but whether that is because attacks are less likely or instances are improperly recorded, remains to be seen.
Essentially, organisations and employees should work to better understand how their country deals with and manages threats, but regardless, it is in everyone’s best interest that cyber hygiene and best practice become part of the organisational framework.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
