How many times today did you access sensitive and personal information on your mobile device? Did you check your work email? Access your bank account? Update your contact list with the personal identifiable information of your son’s hockey coach? Within one small but mighty device, you can now do so much. But if you aren’t careful so can technology savvy strangers.
Smart devices, rich with critical personal and financial data are increasingly being targetted by cyber criminals looking for new source of information to exploit – or pathways into larger pools of corporate data when individuals use the same device for work and play. Mobile cyber attacks rose by 40% in 2017 and experts suggest that may be simply the opening chapter in the attack on mobile devices.
With almost five billion global users accessing sensitive, personal and valuable banking, credit card, travel and corporate applications, we live in a mobile world. Advances in unified communications and growing penchant for people to work remotely means even the most traditional organizations are ditching desktop devices to have employees work on their mobiles.
Fortinet’s 2017 Q3 Threat Report makes it clear attackers have followed users to the mobile world and are focusing their efforts on infiltrating mobile devices. The report details that fact that one in four firms surveyed detected mobile malware.
How much does your mobile device know about you?
Attackers target mobile devices just as they would other devices – through SMS messaging, websites, spam, malware-ridden ads, and apps. Mobile devices are under constant attack across regions and industries, on both Android and iOS platforms. The threats to mobile users are generally made by experienced cyber criminals who are capable of compromising any device and enabling unauthorized access to the data within.
As most apps collect and track both user data and mobile device information, it is important users fully understand the relationship between this collection of personal information and malware. Take downloading an app for instance. While sharing information with mobile apps may not seem detrimental, attackers can take advantage of your personal information to collect your data and build a profile of your mobile behavior. Attackers can also take over your own mobile device, turning it into a bot and install even more malware on your system. Users must monitor the information and data that is being shared on their mobile via applications to keep themselves and their organization protected.
Protecting mobile devices from mobile cyberattackers
Unfortunately, mobile devices often don’t have the level of control, visibility, and protection that traditional systems receive. Effective mobile security strategies must deal with this reality through mobile application controls and malware protections built into the network to cover any device anywhere.
The risk from mobile malware is real. Organizations should take a practical approach to mobile security and educate employees, development teams and IT operational professionals about the necessity of mobile vigilance. As more employees utilize mobile devices for business, security investments should be a function of the risk and regulatory requirements.
This article is one of a six-part series exploring Fortinet’s Q3 2017 Threat Report. Download the threat report now.