“As more and more apps are being offered to the public, there is a relative paucity of data on threats to those apps,” Shugrue said. “One of the goals of this report seeks to begin to remedy that situation.”
The report also highlighted that gaming and financial services applications face the highest risk of attacks at 76% and 67%, respectively.
“Gaming and Financial Services are sectors that have very large user bases as well as a direct link to a financial impact, so I’m not surprised they are the highest risk of attacks and is consistent with my research,” David Vance, senior analyst at ESG Global, said about the finding.
AI/ML advancements among top pushers
The evolution of various AI and ML tools has increased the productivity of malware developers, the report noted. “Surging use of AI/ML dramatically increases the productivity of both app developers and malware developers, resulting in more apps to attack and more attack vectors in use,” Digital.ai said in the report.
“The increased adoption of AI/ML technologies has a couple of major implications. First, for organizations adopting and using AI/ML themselves, that represents another attack surface that needs to be secured and protected against data loss, manipulation/tampering, and IP theft,” Vance said. “Second, attackers are increasingly using AI/ML to boost their productivity for malicious intent such as AI/ML powered bot attacks and writing malware code as the report points out.”
Tool democratization — refers to the general availability of technologies to reverse engineer applications or modify codes — and increased jailbreaking in the hacker’s community have been identified as other key drivers of the attacks.