What are the Top Mobile Threats Our Company Should Prepare For?
Mobile devices represent a unique threat when it comes to your corporate IT security. Rather than staying in one place, they travel and can connect to any number of different Wi-Fi networks (public and private) each week.
Businesses in Sydney and other areas often use a BYOD (bring your own device) policy, which can leave the security of an employee’s personal phone in question, which means it could pose a risk to your business data.
Another reason that mobile device use for business is concerning is that mobile-targeted threats are often not addressed as aggressively as those to computers and servers.
But with mobile device at work increasing with the adoption of cloud applications, mobile attacks are becoming more prevalent, with certain types of malware being specifically targeted at smartphones and tablets. This makes mobile device security a vital part of your overall business IT security strategy.
In Q1 of 2020, security software developer Kaspersky detected 171,669 more malicious mobile threats than the previous quarter.
For the past year, mobile threats have been rising. Following, are the details on the types of security threats to mobile devices that you need to be prepared for.
Watch Out for These Rising Mobile Device Security Threats
From apps that are gleaning way too much sensitive data to banking trojans going after mobile wallet apps, there are plenty of threats to be on the lookout for.
Hidden Apps That Collect Data
A threat category that rose 30% between 2018 and 2019 was hidden apps. These are mobile apps that hide themselves after installation so the user can’t delete them and may forget they’re there.
Hidden apps were the most active mobile threat category in 2019, causing nearly 50% of all malicious incidents.
These apps often plant adware on a user’s mobile device and can also collect sensitive device data in the background. The app hides by initially mimicking a real app’s icon, then once installed, changes to reflecting the icon for Settings and giving an error message to the user when they try to click it open.
Using Your Phone to Post Fake Reviews
One way that hackers monetize mobile malware is to create fake ratings and reviews that boost their other apps that might deliver banking trojans or other malicious code.
This new family of malware is called LeifAccess or Shopper. What it does is exploit accessibility features in Android to create fake accounts, download apps without your knowledge and post reviews that can boost their ranking.
This type of app is particularly dangerous, because other than simply using your phone to post other fake reviews, it can install other more malicious apps on your device.
Legitimate Apps Hacked & Made Malicious
A new disturbing discovery is the hack of a legitimate app developer’s account to infect a popular app that has a good reputation with malware. Users ended up downloading a malware known as MalBus, which loads a dangerous Trojan disguised as a media file.
What MalBus does is try to phish for the user’s Google login. It also scans the device for sensitive keywords relate to political or military information and then uploads any documents matching those keywords.
This same tactic can be used with any keyword types such as those relating to credit card or banking information.
Fleeceware Can Scam Hundreds of Dollars
A new type of malware identified by SophosLabs is named Fleeceware because it’s designed to steal large amounts of money from those that download an app.
This type of mobile threat takes advantage of in-app purchases and often has a free trial period that requires credit card details to be provided. Users that think just uninstalling the app before the trial ends will keep them from being charged, end up with an unpleasant surprise.
This scam requires users to go through a complicated cancellation process, and in the meantime, they can be charged anywhere from $100 or more per month for an app that just offers simple functions.
Fleeceware threats can be particularly dangerous if an employee is trying to find an app to use for a business process and enters a company credit card to start a trial for one of these apps.
Remote Desktop Protocol Login Attempts
Many employers and employees have had to transition to working remotely due to the coronavirus pandemic. This has enabled takeover of mobile devices by hackers for remote desktop login (RDP) attempts. The shear “volume of internet noise” floating around networks in major cities, often facilitates this capability.
All it takes is for an employee to connect to the same public Wi-Fi as a hacker and not be protected with VPN or another security encryption, and that hacker can gain access to their device.
In a test by SophosLabs, a honeypot trap was set up to evaluate malicious RDP login attempts, and in Sydney their trap found 303,680 attempts by hackers to gain access, that was more than Mumbai and Singapore.
How to Keep Mobile Devices Protected
Just like any other good cybersecurity strategy, keeping mobile devices secure takes a layered approach.
Some of the tactics to use for mobile security include:
- Only download apps in official app stores
- Read all app reviews critically
- Use security software for mobile devices
- Keep software updated
- Use ID monitoring tools and alerts for account changes
Ensure You Have a Solid Mobile Device Security Plan
GKM2 can help your business expand your IT security plan to incorporate mobile security to keep your data protected wherever its used.
Contact us today for a free consultation. Call +61 2 9161 7171 or reach out online.