Today, we’re thrilled to sit down with Kwame Zaire, a renowned expert in manufacturing with a deep focus on electronics, equipment, and production management. As a thought leader in predictive maintenance, quality, and safety, Kwame brings a unique perspective to the intersection of cybersecurity and industrial sectors. In this interview, we dive into the alarming trends revealed by the latest Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report, exploring the surge in Android malware, the targeting of critical industries like Manufacturing and Energy, and the growing vulnerabilities in IoT ecosystems. We also unpack the evolving tactics of cybercriminals and discuss practical ways to safeguard against these threats in hybrid work environments and beyond.
How would you describe the most striking revelations from the Zscaler ThreatLabz 2025 Mobile, IoT, and OT Threat Report?
The report really underscores the sheer scale and sophistication of cyber threats today. What hit me hardest was the 67% year-over-year spike in Android malware transactions. It’s a clear sign that mobile devices are becoming prime targets. Beyond that, the fact that over 40 million downloads of malicious apps came through trusted platforms like the Google Play Store shows how cybercriminals are exploiting user trust. Their tactics are evolving rapidly, focusing on disguising malware as everyday tools, especially in hybrid work settings where mobile reliance is high.
What do you think is fueling the dramatic increase in Android malware, particularly with that 67% jump in transactions?
A big driver is the growing dependence on mobile devices for both personal and professional use. People are downloading apps for everything, from productivity to communication, without much scrutiny. Cybercriminals are capitalizing on this by targeting categories like “Tools,” which seem harmless but often hide malware. Additionally, the accessibility of app development tools means attackers can churn out malicious apps faster than ever, flooding marketplaces with threats that look legitimate.
How are cybercriminals managing to sneak malicious apps into trusted platforms like the Google Play Store, and what’s their strategy to deceive users?
They’re incredibly clever about blending in. These attackers design apps that mimic legitimate productivity or workflow tools, often using polished interfaces and convincing descriptions. They prey on user trust—most people assume anything on a trusted marketplace is safe. By targeting high-demand categories, they ensure mass downloads before anyone catches on. It’s a numbers game, and with over 40 million downloads of malicious apps, it’s clear their strategy is working.
The report points to hybrid and remote work environments as growing targets. Why do you think these settings are so vulnerable to malware attacks?
Hybrid and remote work blur the lines between personal and professional device use. Employees often use the same mobile devices for work and personal tasks, which means less oversight and more exposure to risks. Many companies lack robust security policies for mobile devices compared to traditional office setups. Plus, the reliance on apps for collaboration and productivity in these environments makes users more likely to download unverified tools, creating a perfect entry point for malware.
Manufacturing and Energy sectors are highlighted as major targets for Android malware. What makes these industries so attractive to cybercriminals?
These sectors are critical to global infrastructure, so the stakes are incredibly high. A successful attack can disrupt supply chains, halt production, or even compromise safety. The Energy sector, for instance, saw a staggering 387% increase in attacks, likely due to its digital transformation—more connected systems mean more vulnerabilities. Manufacturing also deals with a mix of legacy and modern systems, which often aren’t patched or secured properly, making them low-hanging fruit for attackers.
Shifting to IoT, the report notes that Manufacturing and Transportation each account for about 20% of malware attacks. What’s driving this trend in these sectors?
IoT devices in these industries are often deployed at scale—think sensors, machinery, or vehicle tracking systems. Many of these devices have weak security by design, with default passwords or outdated firmware. Cybercriminals exploit these gaps to gain access to broader networks. In Manufacturing, IoT is critical for automation, while Transportation relies on it for logistics. The sheer number of connected devices, combined with often lax security practices, makes them prime targets for malware.
With 40% of blocked IoT transactions linked to the Mirai malware family, can you shed some light on why this particular malware is so prevalent?
Mirai is notorious for targeting IoT devices, especially those with default or weak credentials. It turns compromised devices into bots for massive distributed denial-of-service (DDoS) attacks. Its prevalence comes down to simplicity and effectiveness—Mirai’s code was leaked years ago, so even less skilled attackers can modify and deploy it. Plus, many IoT devices still lack basic security updates, making them easy prey for Mirai and its variants. It’s a persistent problem because the root issues, like poor device security, haven’t been fully addressed.
Looking ahead, what’s your forecast for the future of mobile and IoT threats in critical industries like Manufacturing and Energy?
I expect these threats to intensify as industries continue to digitize. The push for efficiency through IoT and mobile integration will inevitably create more attack surfaces. We’ll likely see more tailored malware, designed specifically for industrial systems, alongside an uptick in ransomware targeting critical infrastructure. On the flip side, I’m hopeful that awareness will drive better security practices—stronger device standards, regular updates, and employee training could make a big difference. But it’s going to be a race between attackers and defenders for the foreseeable future.
