Cybercriminals are becoming more sophisticated – creating new attacks for various threat vectors and developing variations on existing ones. In recent times, mobile has been particularly targeted by hackers – with McAfee reports showing over 16 million mobile malware attacks in 2017, resulting from 1.5 million new pieces of mobile malware.
In previous years, mobile malware was considered an unlikely threat – and consequently, many mobile device users thought they were immune from such threats. However, the McAfee reports show that this is no longer the case. Cybercriminals are stepping up their attack on mobile devices and no one is immune.
In a survey conducted by Dimensional Research for Check Point Software, over 20 percent of companies said that their mobile devices had been breached, with nearly 94 percent stating that they expected an increase in mobile attacks. Seventy-four percent of the respondents suggested that securing mobile devices was becoming more difficult, while 20 percent didn’t even know that their devices had been attacked.
According to Forrester’s annual security survey, over 69 percent of information workers bring their tablets to work; 68 percent use their own mobile devices (smartphones); and almost half use their own laptops for work-related functions.
With these numbers, the risk of mobile malware attack is high, considering the kind of corporate data (such as invoices, competitive data, contracts, intellectual property and customer information) contained in these devices.
Let’s take a look at the types of mobile malware that can negatively impact enterprises.
Dead apps
Users are advised to regularly check and update the status of their mobile apps. If an app is no longer supported by the Apple and Google stores, it is best to delete it. An undisclosed number of apps are quietly being removed by the security teams of both operating systems due to issues ranging from copyright infringement and malware to leaking of user data to third parties.
IoT malware
Although still in its infancy, IoT malware is slowly gaining ground as hackers discover new vulnerabilities and develop sophisticated malware to exploit them. There are only 10 IoT malware families, and most of them are variations of each other.
However, there is sure to be an increase in IoT malware, since there are few or no security measures in place for IoT devices and they are increasingly being connected to smartphones.
Ad and click fraud
This form of malware is quickly becoming a top concern for cybersecurity experts. Mobile devices that are compromised through ad and click malware enable hackers to gain easy access to an enterprise’s internal network.
It works by sending users an SMS phish with a link to a malicious app download. Clicking the link triggers the automatic download and installation of the malicious app – after which the app exploits and gains control of the phone, stealing credentials and using them to gain access to internal networks.
Mobile botnets
Malware has been developed that can transform numerous mobile devices into botnets controlled by hackers. The first of this kind of malware, the Viking Horde, appeared in 2016 and targeted rooted and non-rooted Android devices.
It used proxied IP addresses to disguise ad clicks and generate fraudulent advertising revenue for its owner. Since the discovery of the Viking Horde, researchers have identified over a dozen other mobile botnets, including the Hummingbad, which infected more than 10 million Android devices.
The Pegasus spyware
One of the first major attacks on mobile devices, the Pegasus spyware was launched in August 2016. It was capable of hacking into any iPhone or iPad, conducting surveillance on the user and harvesting data (both corporate and personal).
Apple researchers also uncovered three zero-day vulnerabilities in iOS that, if exploited, could form an attack chain capable of subverting even Apple’s robust security environment. However, these vulnerabilities have since been fixed with the release of the 9.3.5 patch.
In April 2017, cyberattackers developed a variant of the Pegasus spyware for the Android OS. The malware disguised itself as an app download while gaining root access to the device, enabling it to conduct continuous round-the-clock surveillance on the user.
Once it was discovered, Google bolstered its security measures and also included the Play Protect security feature on the Google Play Store. Android and Apple are making giant strides towards creating more robust and secure operating systems.
However, cybercriminals are also busy designing and developing new mobile malware for more dangerous and insidious activities.
Despite these trends, security isn’t a top priority in app design, since most developers focus on usability, simplicity and UI/UX. In most cases, mobile apps allow users to pass or store credentials without any form of encryption, or with weak encryption at best.
This inherent weakness in mobile app design, coupled with the proliferation of BYOD policies and the pervasiveness of mobile devices in the workplace, is the perfect recipe for increased mobile attacks on enterprises.
However, it is difficult for organizations to protect their entire mobile network due to the level of fragmentation. Instead, they can educate their employees on cybersecurity best practices and institute policies requiring them to install robust security software.
They can also take steps to encrypt mobile devices that have access to.