Specialized attacks like modified or malicious code changes saw double-digit growth YoY

Ongoing state-sponsored cyber malfeasance, rebounding cryptocurrencies, jailbreaking, and surging use of AI/ML all contributed to the increase in attacks

Raleigh, NC – May 14, 2024 – Digital.ai, an industry-leading technology company helping Global 5000 enterprises automate software delivery through its AI-powered DevSecOps platform, today announced the results of its 2024 Application Security Threat Report, quantifying and emphasizing the pervasive risks to applications that run outside corporate firewalls (“in the wild”.) The results show that the frequency of application attacks is rising as cyber criminals continue to prey on the increasing reliance on web, mobile and desktop apps.

The report examined data about threats identified from monitoring applications under active protection: the likelihood of an app being attacked rose 8% YoY, with gaming apps and financial services apps facing the highest risk of attack at 76% and 67% respectively. The top reasons for the increase in breached applications:

  • Tool democratization, like reverse-engineering tools in the hands of hackers
  • Increased “jailbreaking has taken root within the community of hackers
  • The surging use of AI/ML increases the productivity of malware developers

“We’re seeing that the appetite for cybercriminals continues to be insatiable,” said Wing To, General Manager of Intelligent DevOps and Security, Digital.ai. “Threat actors are exploiting AI and low-code technologies to attack the growing number of apps—and benefiting from increased precision. As a result, customers are increasingly vulnerable in their app interactions; customer-centric enterprises are prioritizing protective measures for the applications their customers rely on daily.”

2024 also saw a significantly sharper uptick in specialized attacks—attacks that violate
an application’s integrity through, for example, a malicious change in application code. The likelihood of an app being run with modified code:

  • iOS based apps grew from 6% to 20% YoY;
  • Android based apps grew from 28% to 63% YoY

Specific to mobile applications, both Android and iPhone attacks are surging; Android apps are more likely to be targeted with environmental attacks (94%) than iPhone apps (70%) due to their Open-Source operating system.

The study found no link between the popularity of an app and frequency of attack.

Survey Methodology
Digital.ai has hundreds of application security customers worldwide who protect over 1 billion instances of applications. The data in this report is anonymized and aggregated global customer data collected over a four-week period from February 1 to February 28, 2024. “Risk,” in this case, is measured from the enterprise creating the application’s perspective. In other words, if 100 enterprises create 100 apps and 58 of those apps experience an attack on one or more instances of that app, the report will state that 58% of apps were under attack.

For more information on Digital.ai, visit Digital.ai. To read the full 2024 report, click here.

About Digital.ai

Digital.ai is an industry-leading technology company dedicated to helping Global 5000 enterprises automate software delivery workflows across complex technology environments. The company’s AI-powered DevSecOps platform automates software releases, improves mobile application testing and security, and provides insights across the software lifecycle. Digital.ai empowers large enterprises to embrace AI responsibly, reduce software-related risk, and amplify developer productivity to deliver innovations that drive business outcomes. Additional information about Digital.ai can be found at digital.ai and on Twitter, LinkedIn and YouTube.

Media Contact:
Colleen Martin
Zer0 to 5ive, for Digital.ai
colleen@0to5.com