No matter how well a managed service provider (MSP) secures a client’s network, none of that matters if a hacker can gain access via a mobile device. According to statistics, mobile devices are an increasingly attractive target for hackers.
Based on Zimperium’s annual Mobile Threat Report, mobile malware continues to increase in volume and the number of variants detected. Between 2021 and 2022, the number of unique mobile malware samples rose by 51 percent, with more than 920,000 samples detected. Other alarming findings of the report include:
- Between 2021 and 2022, the number of unique mobile malware samples rose 51 percent, with more than 920,000 samples detected, including Dirty RatMilad, MoneyMonger, and Dark Herring.
-
According to the report, malware affected 1 out of 50 Android devices in 2021. It increased in 2022 to 1 out of every 20 devices.
The sheer number of mobile devices drives the trend, and people’s comfort with them often means lax security. But does that necessarily translate into a threat to network security? Opinions vary among cybersecurity specialists and thinkers. However, everyone agrees that mobile devices often lack security and people need to beef up their defenses.
Familiarity equals laxity
Marcelo Barros is a renowned cybersecurity expert currently serving as the global market leader at Hacker Rangers Security Awareness. People often treat mobile devices as “personal items,” becoming so familiar with their phones and tablets that they forget about the dangers these devices pose. “These devices can pose a significant threat to network security, especially because people often neglect their security measures compared to other devices,” Barros states.
He adds that MSPs and CISOs must implement comprehensive strategies to enhance network protection against intrusions via mobile devices. A comprehensive strategy includes:
- Enforcing strong authentication
- Deploying MDM solutions
- Ensuring regular security updates
- Providing network segmentation
- Promoting user education and awareness
“We often see the education and awareness step being strongly neglected. Many companies struggle to regularly educate users about the risks associated with mobile devices. They also struggle to provide training on safe practices. This includes recognizing phishing attempts and avoiding insecure Wi-Fi networks,” Barros explains.
The danger comes with how people often use their phones for work and personal. “It’s important to remember that most people use the same mobile device for both work and personal use, and their security is not guaranteed by IT teams. Most policies allow users to bring their own devices and connect to company applications and networks,” Barros shares. According to Barros, phishing attacks, malware, unsecured Wi-Fi connections, and lost or stolen devices are just some of the risks. The portability and personal use of mobile devices increase their vulnerability. This makes them critical points of focus for companies’ cybersecurity efforts, including awareness training.
Is mobile a lesser threat?
A malicious threat directly jumping from a mobile device to a network-attached computer is not very likely. Nick Hyatt, a threat intelligence expert, says a compromised mobile device can still present many threats to a network.
“For example, many pieces of mobile malware are designed to harvest user data, including credentials. If a user has sensitive data on their mobile device, that information could be exfiltrated by threat actors,” explains Hyatt. Harvested credentials can enable access to networks and facilitate further malicious activity.
As the Zimperium report shows, mobile device malware is common, but it’s still not the most common threat to a larger network.
“The level of effort required to compromise a mobile device and then pivot to a corporate network does not provide as much of a return on investment as, say, a regular phishing email,” Hyatt says. “That phishing email is the more effective gateway, whether the email is checked on a mobile device or a computer. That is one reason why mobile device compromises are usually on a mass scale via compromised apps uploaded to mobile stores or the attacks are very targeted on specific people.”
He thinks mobile device manufacturers will put more safeguards in place as more research into mobile spyware applications comes to light. “We’ll see more of a shift to the “walled garden” concept where you can’t install apps that aren’t approved. I also think we will see more evolution of monitoring capability for mobile devices, as more and more people move to tablets and other types of non-desktop or laptop systems,” concludes Hyatt.
Photo: Tero Vesalainen / Shutterstock