Sign up to our newsletter
Mobile technology has come a long way in a relatively short space of time. In less than 30 years we’ve moved away from big, brick-like cellular phones and a nascent internet to a world of super-slim and powerful smartphones, tablets and convertible laptops that are able to transmit and store data, as well as hook up the internet, with a simple tap.
While these devices offer us increased internet connectivity and day-to-day convenience, they also carry considerable security risks. In this feature we take a look the reasons behind the growing threat of mobile-related cybercrime.
More data could be more danger with mobile devices
Not only is more and more data being generated on a daily basis, we are, at home and at work, storing, sharing and accessing huge amounts of personal and corporate data.
And cybercriminals know this. As a result, they were shifting their focus and efforts to smartphones and tablets, appreciative of the fact that they can possibly steal more money and data from their victims this way.
The security risks are specifically notable in the workplace, where smartphones and tablets are increasingly being used across all types of organizations under BYOD (bring your own device).
This has been causing headaches for IT security administrators in terms of management and the securing of sensitive corporate data, while attackers have seen this development as another way to compromise businesses.
Cyberattacks on mobiles increasing by the day
Cyberattacks on mobile devices, especially smartphones, have become all too common. And over the last year alone, we’ve seen cybercriminals deploy all sorts of effective strategies.
From Masque to Freak, Stagefright to CORED, and YiSpecter to Wirelurker, there appears to be no end to vulnerability-exposing, malware-deploying schemes that not only corrupt devices, but result in the loss of data and money.
Privacy has also been called into question, as so many of these mobile apps collect huge quantities of data and store them on the cloud as a matter of fact.
This was best exemplified by the major data breach experienced by multiple celebrities who were using Apple’s iCloud to host their personal photographs on. These pictures were subsequently leaked online, forcing the tech giant to bolster the security around this.
Threats have evolved to be more sophisticated
“There are still two main causes of data loss on mobile devices: physical device loss and misuse of apps. What has changed is the severity of the consequences.” said Gartner’s research director Dionisio Zumerle recently.
“In healthcare, for example, an increasing number of physicians are using tablets to process sensitive data about their patients. In finance, brokers are using their smartphones to exchange sensitive information.”
For cybercriminals then, the economics of mobile attacks are obvious. By attacking these devices, they can reach and infect more machines, and earn more money by exploiting individual users or by selling their details via the black market.
These devices, less we forget, are not only holding huge quantities of data and information but also have identities attached which can be used to compromise other services.
Businesses worry about smartphone risks
Some organizations have banned personally owned mobile devices, while others insist that staff use corporately deployed devices (whereby there is a certain level of assurance in the security restrictions in place). Policies like this, needless to say, have caused some serious ructions in the business world.
Putting in place security measures to stay secure
According to enterprise mobility and information security experts, these restrictive measures are vital in the fight against cybercrime. It requires a level of consent however, with staff encouraged to sign up to a mobile security policy (which then becomes part of the culture of any given workplace).
Again, this is to be viewed as a natural, if not inevitable development. As Rolf von Roessing, former vice-president of security trade body ISACA, predicted in front of an audience of IT professionals at the 2013 EuroCACS conference, mobile threats are becoming more complex and difficult to deal with. You need to therefore be proactive in mitigating any risks.
On the security side, experts recommend downloading security solutions, regularly updating their operating systems and apps, adhering to best practice when it comes to passwords and paying close attention to suspicious emails or social media links.“While the threat is universal, mobile security doesn’t have to be difficult.”
Advice like this is also applicable to individuals, both personally and professionally, as, after all, cybercriminals have their eyes on all mobile users, especially those who are viewed as being most vulnerable (easy targets).
While the threat is universal, being protected doesn’t have to be difficult. If anything, it is becoming increasingly important in today’s digital world. Make sure you are not left behind.
Author Editor, ESET