Digital.ai announces the results of its first annual Application Security Threat Report, revealing and quantifying risks to real-world applications. The results revealed that 57% of all monitored apps are under attack, with games (63%) and FinServ (62%) being the most likely to be attacked. . Although the study found no correlation between an app’s popularity and its likelihood of being attacked, Android apps are more likely to be placed in an insecure environment (76%) than iOS apps (55%). ) I found out. Android apps are more likely to run with modified code (28%) than iOS apps (6%). Digital.ai surveyed application security customers worldwide based on point-in-time data collected between February 1 and February 28, 2023.
Digital.ai’s Threat Analysis Report research helps security professionals identify threats to apps and better apply defenses against apps.
“In 2021 alone, mobile apps were downloaded a staggering 100 billion times. The reasons and motivations for attacks against apps are diverse, across both curious and threatening attackers. It’s on the rise. In lucrative industries such as gaming and financial services, hacking games can be profitable and provide desirable “public trust.” “Our customers have determined that the best way to prevent attacks on their apps is to build security into them,” said Greg Ellis, General Manager of Security for Digital.ai’s Applications. I am.
A number of factors come together to explain why an attack is likely to occur in 2023.
The pace of democratization of tools among threat actors is accelerating. Recently, reverse engineering tools such as Ghidra and dynamic instrumentation toolkits such as Frida have become more sophisticated and popular.
The advent of cryptocurrencies and P2P payment apps makes it much easier for threat actors to “cash out” their schemes, especially when ransomware is involved.
The nationalization of attacks has freed up vast resources for threat actors.
“Application owners are well aware of the pressure to create more applications, faster, especially with the addition of AI code assistance tools. This will result in security changes in the short term. Digital.ai’s platform allows teams to avoid innovations that impede innovation or slow down the development and delivery process. You can introduce security features and procedures early in the development cycle without having to do anything. This means security teams can monitor applications in production to better understand when their applications are at risk. ,” said Derek Holt, CEO of Digital.ai.
App risks by industry
The study analyzed results across multiple industry sectors and found that gaming (63%) and FinServ apps (62%) are most likely to be attacked. The stakes are high in the $250 billion gaming industry. Selling pirated games on gray market app stores like Cydia can generate direct income for hackers. Plus, you can make money in the micro-economies that popular games create and foster. Those who crack the most protected games are often celebrated and considered worthy of respect within the gaming community.
FinServ and non-gaming apps, such as implanted medical devices, Bluetooth-enabled phone apps, and retail stores, have a 54% chance of being attacked.
Digital.ai has hundreds of app security customers around the world, protecting over 1 billion application instances. We provide application security solutions that embed security into your apps in a variety of ways.
- Incorporate security into your application development process
- Obfuscate your code to prevent reverse engineering
- Prevents tampering by detecting unsafe environments and code changes
- Configure customized or automated protection on-premises or in the cloud
- Visualize risky apps
- Create standalone reports or integrate with existing Security Operations Center tools
- Create searchable logs
- See which guards and protections are enabled
- Automatically respond to threats
- Force step-up authentication
- Change app functionality
- Shut down the app under attack
- Create a custom tamper response