While most people know to run some type of cybersecurity protection on their computers, many ignore their mobile devices. To that point, a recent mobile threat research report reveals that every business has experienced at least one mobile cyberattack in the past year. And, when you look at the array of avenues available to hackers to break into mobile devices, it can be sobering. It’s no wonder that mobile has become a very attractive area for hackers to focus their attention.
Four key reasons drive hackers to focus on mobile targets:
Mobile devices can be very easy to crack. Most users do not use basic protection. Invariably when they do, they are not vigilant about applying updates and security patches.
With around 2.1 billion people today using smartphones and other devices, there is great opportunity to exploit. And hackers rely on those large numbers to execute successful malware campaigns. With one example from a couple years ago, hackers were able to breach more than 1 million Google accounts through apps from third-party marketplaces that were infected with ‘Gooligan.’ When users downloaded and installed compromised apps, Gooligan malware would kick into gear and download rootkits, giving hackers all they needed for full control of infected devices, including executing privileged commands remotely. On top of that, Gooligan was able to install adware to generate revenue. Since an ad server doesn’t know whether an app using its service is malicious or not, it would send Gooligan the names of the apps to download onto the infected device from Google Play. Once the app was installed, the ad service would pay the hacker.
Lower Hanging Fruit
Individuals phone numbers are fairly easy to capture compared to other types of information. For instance, just recently, T-Mobile warned of a phone-jacking scam that seems like a remarkably simple heist. Think about how often you’ve had to overhear people share personal details in public as they leave voicemails or chat with friends. It’s not uncommon for someone to recite a mobile number in the course of those communications. With that one piece of information, a hacker can contact a mobile service provider, pretending to be the actual mobile customer that he or she is targeting. Then, the hacker requests that the phone number be transferred to a new SIM card. This gives the hacker ownership of that phone number. Consequently, the hacker then has a stepping stone to the victim’s other types of personal accounts to launch phishing campaigns or inflict other digital damage.
An infected mobile device can wreak more havoc than an infected computer. For example, one of the vectors that is becoming more and more common is mobile banking malware. An Accenture study conducted a vulnerability assessment with a range of mobile banking apps, working with NowSecure. All of the apps in the study had at least one known security risk identified. Mobile security researchers won’t be surprised by that because they already know that you don’t need to be a rocket scientist to execute mobile banking malware. When a device becomes infected with it, the malware searches for a banking app. Once the app is engaged, the malware launches a fake overlay page. Then, when the user enters credentials, the data is sent directly to the attacker’s server. Not only that, once cybercriminals have installed their malware on devices, they can use their newly gained access to incoming calls and text messages to help bypass stringent security solutions.
It sounds grim. Especially when you consider that with more reliance on the cloud, the number of mobile devices accessing the information stored there is rising, which elevates the risk of these mobile threats. And then consider that work is underway for the moon to get its first mobile network. While that maybe a little farther beyond the cloud than most people have in mind, the bottom line is that the attack surface continues to grow. More therefore needs to be done to prevent cyberattacks on the mobile front.
What to do
– Use solutions that protect against mobile malware, prevent suspicious file downloads and block malicious websites. Don’t limit your enterprise mobile security to just Mobile Device Management (MDM) or Enterprise Mobile Management (EMM) solutions. MDM and EMM solutions are strictly for managing devices and provide minimal security, such as device wiping in the event of a lost or stolen device. EDM and EMM solution do not provide protection against unknown zero day malware.
– Set protections and policies that segregate business data and applications from personal. Also, encrypt files and ensure that only authorized users can access them.
– Extend your policies and protections to the cloud. Don’t fall into a false sense of security by thinking that whatever you’ve done on-premises is enough. Cybersecurity protections need to follow mobile users, wherever they go.
As you review your mobile security strategy, make sure the solutions you choose shield devices from infected apps, man-in-the-middle attacks, OS exploits, malicious links in SMS messages, and other exploits. Last but not least, verify that your security team is operating with a cloud-based dashboard that provides real-time threat intelligence and visibility.