Mobile security is still young and the landscape changes fast. Security leaders are learning that the principles of desktop computing don’t necessarily apply when it comes to mobile devices.
What do those working in mobile need to be aware of when it comes to the latest threats? A poll undertaken by the Enterprise Mobility Exchange revealed the biggest cybersecurity concerns among those working in the industry.
1) Data Leakage
Far and away the biggest fear for mobile security leaders is the risk of data loss. Data leakage can refer to a variety of different risks. It might be an application communicating without encryption, or a website that transmits data to undesirable locations. It may even be shadow IT – when employees either accidentally or maliciously share data in places that their organization does not wish them to. Understanding and combatting this significant threat requires software that can track the transmission of data that flows into and out of each mobile device in your fleet.
2) Phishing Attacks
In an environment in which ecosystems are tightly controlled by Google and Apple, the likelihood that attackers can find ways to compromise the OS or the approved applications made available through official app stores is minimal. It’s no surprise then to see that phishing is one of the top two biggest concerns in mobile security. Smaller screens, a streamlined user experience and a distracted mode of attention are all reasons that phishing campaigns are increasingly targeting the mobile user. Mobile also offers more avenues than the traditional medium of email – SMS, WhatsApp, Skype and even social media all present potentially lucrative forms of phishing for bad actors.
3) Insecure Apps
Applications might be considered insecure for all kinds of reasons. The libraries that they access could be in high risk locations, and just like with data leakage, information may be being sent to places it shouldn’t be. Insecure apps are typically not even the work of attackers; instead they are often mistakes or oversights made by legitimate developers that have accidentally exposed PII to potential interception, or carelessly included app permissions privileges that extend far beyond the needs of the app itself.
Although not as widespread on mobile as it is in traditional computing, spyware is a particularly nasty form of malware. These apps will often masquerade as legitimate games or productivity tools but will secretly harvest user information. Some particularly nasty variants will even be able to privately listen to ambient audio, recording the conversations taking place near the device and uploading them to cloud storage destinations. Although spyware is a scary prospect for most organizations, its relatively small scope and the difficulty in bypassing app store security, MTD tools or network-based security like NetMotion Mobility significantly decrease the likelihood of such attacks.
5) Network Spoofing
Spoofing a network is like spoofing anything else – pretending to be something you’re not. In the most simple example, an attacker would use something like what’s known as a WiFi Pineapple to create a portable WiFi hotspot. They would then call their network something like Starbucks free WiFi and sit in the cafe, waiting for people to connect. The activity of any device connecting to that network would of course be available to the attacker, including personal information and login credentials. Many of these attacks might even have a particular target in mind – such as a CEO waiting in a particular airport lounge. Fewer than 5% consider this to be the biggest mobile security risk as it isn’t especially widespread, but it can be devastating when such an attack does occur. (Learn more about Man-in-the-Middle attacks.)
Like spyware, ransomware is another form of malware. Rather than secretly extracting data from infected devices, however, Ransomware makes it very clear to the user that their mobile has been compromised. Many such threats – such as SLocker or Wannacry – will totally lock the user out of their device and demand payment as the only solution. Often, files will be scrambled (encrypted) and cryptocurrency must be transferred to private accounts of the attackers in order to unscramble them. This is a particularly dangerous form of mobile attack but as of 2019 remains relatively rare, at least on corporate devices protected by enterprise security software.