Are mobile devices leaving the door open to your organisation?

🚨 The Hidden Risk: Your Smartphone and Mobile Cybersecurity

Your smartphone is a constant source of cybersecurity risk. While a compromised device severely impacts an individual, the financial danger is exponentially higher for organizations. According to a report by Lookout and the Ponemon Institute, enterprises could face losses as high as US$26.4 million from a single mobile data breach.

Device security hazards are not limited to large enterprises; businesses of all sizes must be aware of these mobile IT threats and learn how to mitigate them.

Malware Mischief

Malware is one of the most pervasive ways cyber attackers infiltrate mobile devices.

• Prevalence: McAfee’s 2016 Mobile Threat Report documented 37 million pieces of malware found on outlets like the Google Play and Apple App Stores in a six-month period.
• Platform Risk: The most prolific instances of malware are often concentrated on the Android platform due to its more open app environment compared to iOS.
• Infection Methods: Downloading compromised apps is just one vector. Attackers also use other sneaky techniques:
  • SMiShing: A malicious link is sent via text message (SMS). Clicking the link directs the user to a website that secretly installs malware onto the device.
  • Drive-by Download: Executed when a user visits an infected website on a mobile browser. This installs a covert downloader onto the device, creating an entry point for malware without the user’s knowledge.
• Infection Rate: The problem is prolific: the Lookout and Ponemon Institute report found that an average of 3% of employees in an organization have a device infected with malware at any given time.

Risk and Resolution

Once malware is rooted in a device, it can cause severe damage, often by seeking out sensitive information like credit card details or login credentials.

• Examples: McAfee identified specific pieces of malware, including:
  • Kemoge: Active in over 20 countries, it can gain control of a device using a root exploit.
  • SlemBunk: This malware is designed to steal user credentials from infected devices.

Mobile malware gives cybercriminals the necessary tools and access to execute a damaging attack. Given the tenacity and sophistication of cybercriminals, developing a strong security strategy is crucial. Training employees to recognize and avoid these risks is an effective measure, but organizations must first clearly understand the threats they face.

Given the tenacity and sophistication of cybercriminals, it can be difficult to effectively implement a strong security strategy. Training employees to recognise and avoid risks is an effective measure, but first, organisations must know what those risks are.

Fortunately, the team at Imagetext Integrated Solutions can help you understand your security concerns and develop an appropriate strategy. Contact us today to learn more.