Understanding The Mobile Threat Landscape in 2019

2018 saw IT and security teams being barraged by sophisticated cybersecurity attacks. Whilst our advancements in technology allow us to work faster and be better connected, it also puts our sensitive data and systems at risk as the mobile threat grows.

2018 seemed to be the year of never-ending data breaches, with high-profile incidents hitting the likes of British Airways, Google, Facebook and more. As the number of incidents grew, we also saw the implementation of GDPR, with companies now facing hefty fines for data breaches.

Wandera has published a report looking at the current mobile threat landscape we face, with information gathered from 1,500 enterprise customers globally.

In the past year there’s been:

Threats have grown in sophistication

Mobile manufacturers have become increasingly aware of the methods attackers are using to exploit devices, and the likes of Apple and Google have greatly strengthened the security on said devices. As a result, attackers had to explore new tactics in 2018, leading to a rise in social engineering techniques. The likes of spear phishing attacks highlight that attackers are spending more time researching their targets’ behaviour in order to exploit weaknesses.

Our reliance on mobile devices has come hand-in-hand with an acceptance of invasive apps and services harvesting our personal data in return for more tailored, personalised services.

With the number of mobile phone users expected to pass 4.7 billion in 2019, it is of little surprise that mobile devices have become a prime target.

Key Threats in 2019

Phishing

Phishing has grown over the years, from poorly-worded emails vaguely grasping for information to the behemoth it currently is. In fact, it is now the most damaging and high-profile cybersecurity threat facing organisations today. The larger a business is, the greater the likelihood of encountering a mobile phishing attack, with an organisation exceeding 1,000 employees now facing an 85% chance.
Traditional phishing attacks were contained to emails. As organisations email-focused security solutions have grown, malicious agents were forced to turn their attention elsewhere. Phishing sites are also evolving, with HTTPS sites now being used, making the user think they are secure and encrypted.

57% of all organisations have experienced a mobile phishing incident

90% of data breaches start with a phishing attack

A new phishing site is launched every 20 seconds and is only active for an average of 4 hours

Why mobile?

  • Mobile users tend to work faster and more instinctively, whilst using them on the go means users are usually distracted
  • Small screens make it more difficult to spot out-of-place or suspicious URLs
  • BYOD users tend to trust their own mobile devices more, leading to a lapse in sense of security

Lulling the user into a false sense of security is often key for phishing attacks, with major, reputable brands often impersonated.

Top 10 most impersonated brands in phishing attacks:

1.

Facebook

6.

UK Gov

2.

Apple

7.

Microsoft

3.

Google

8.

Fox News

4.

Amazon

9.

Dropbox

5.

PayPal

10.

WhatsApp

Mobile Malware

Mobile malware has spread to apps, with malicious apps now having the potential of being very destructive to organisations. So, what can a malicious app do?

  • Exploit OS vulnerabilities in order to steal data
  • Change device configuration to download more malicious software
  • Lock user out of the device, holding data or access in exchange for a ransom
  • Deliver pop-up ads
  • Trigger premium text messages for monetisation
  • Totally cripple the device, making it unusable

Mobile Cryptojacking

Cryptocurrencies have long been a web-staple, but Bitcoin’s boom in 2017 saw the emergence of crypto jacking alongside it. Mobiles are the perfect tool, with devices possessing powerful CPUs and they are usually always on. Whilst crypto mining doesn’t steal personal data, it requires a lot of power, with crypto jacked devices often being quickly drained of battery.

1 in 4 organisations have experienced a Cryptojacking event

Wi-Fi Threats

Despite 4G advancements and the impending launch of 5G across the country, mobile data can often be unreliable and slow. Users turn to faster Wi-Fi, with the current ratio of Wi-Fi to mobile data usage being 3:1. This Wi-Fi reliance is easily exploited with malicious intentions.

On the go, users will often connect to hotspots, making them an enticing attack subject for a cybercriminal, with rogue hotspots often being set up to steal data from corporate devices. Unencrypted Wi-Fi can also pose an issue, with hackers intercepting and monitoring traffic. This can lead to information such as bank details and sensitive corporate data being hijacked.

App Permissions

Mobile users have millions of apps available to them through authorised and supposedly regulated app stores, but it can be difficult on face-value to tell which ones are safe. Apps regularly request permission to access various features of a device, with users often granting them with little thought. Both Android and iOS apps have been seen to exploit this feature, collecting data from a wide variety of sources.

Common high-risk permissions requested from Android apps include:

33% of apps – read phone status

31% of apps – request precise location

13% of apps – read contacts

Less common but higher-risk Android app requests include:

9% of apps – call phone

5% of apps – read SMS

4% of apps – send SMS

Risks To Watch Out For

It’s not just attackers which are a significant danger to businesses. Negligence can also lead to vulnerabilities being exploited. These include:

  • Lock screen configuration: Any device lost, stolen or merely left unattended without being password-protected is at risk of having messages read, with sensitive apps and other data accessed.
  • Out-of-date operating system: Manufacturers frequently release OS updates, not just for performance improvements, but also for essential security patches to fix old vulnerabilities. Data shows that 57% of Android devices are running an OS at least two full versions behind the most recent release.
  • Jailbreaking: Apple devices only allow apps to be downloaded from the official App Store. Users circumventing this open their device up to unauthorised software which can potentially pose a threat.
  • Data leaks: Apps often leak information due to failing to encrypt the data, exposing personal information

90% of mobile data leaks expose a username

85% expose a password

2.3% expose credit card details

90%
85%
2.3%

How Can We Help?

The mobile threat landscape is ever-changing, and it can be difficult to ensure your security is reaching its full potential. Mobliciti can ensure your corporate and BYO devices are protected with a choice of Mobile Threat Defence. Our range of solutions protects both the user and the device from the evolving threats of Phishing, Smishing and zero-day cyber-attacks and malware.

To find out more, please get in touch.

Recommended Posts
Connect with us
Gap AnalysisData Breaches in the financial services