Are mobile devices leaving the door open to your organisation?

Chances are, you’re carrying a cybersecurity risk with you everywhere you go – your smartphone. A compromised phone can have a major impact on an individual, but the risk is even higher for organisations. In fact, according to a report by Lookout and the Ponemon Institute, enterprises could experience losses as high as US$26.4 million from a mobile data breach.

Device security hazards, however, aren’t just limited to the enterprise level – businesses of all sizes need to be aware of these threats. Let’s take a closer look at the risks involved with mobile IT solutions and how to mitigate them.

Malware mischief

There are many ways cyber attackers can infiltrate a mobile device, but malware is certainly one of the most pervasive. In its 2016 Mobile Threat Report, McAfee reported that 37 million pieces of malware were found on outlets like Google Play and the Apple App Store in a six-month period. The most prolific instances, however, have been limited to the Android platform, as it is a more open app environment than iOS.

Device security hazards, however, aren’t just limited to the enterprise level – businesses of all sizes need to be aware of these threats. Let’s take a closer look at the risks involved with mobile IT solutions and how to mitigate them.

Malware mischief

There are many ways cyberattackers can infiltrate a mobile device, but malware is certainly one of the most pervasive. In its 2016 Mobile Threat Report, McAfee reported that 37 million pieces of malware were found on outlets like Google Play and the Apple App Store in a six-month period. The most prolific instances, however, have been limited to the Android platform, as it is a more open app environment than iOS.

McAfee found 37 million pieces of malware on app stores over a six-month period.

Downloading compromised apps is just one of the many ways unsuspecting victims open their phones up to malware. Cyberattackers employ a number of other techniques, like SMiShing. This intrusion method involves a malicious link sent via text message. When the user clicks on the link, he or she is directed to a website that places malware onto the device. An even sneakier technique is the drive-by download. This is executed when a user visits an infected website on a mobile browser, which installs a covert downloader onto the device. This creates an opening for malware without the user’s knowledge.

There’s no question that malware is a menace, but it’s also a particularly prolific one. The Lookout and Ponemon Institute report discovered that an average of 3 per cent of employees in an organisation have a device infected with malware at any given time.

Risk and resolution

Once malware is rooted into a device, there are many ways it can wreak havoc. One of the most common is searching out sensitive information like credit card details or login credentials. McAfee identified several such pieces of malware, including Kemoge and SlemBunk. Kemoge – active in over 20 countries – can control a device using a root exploit, while SlemBunk steals user credentials from infected devices.

Given the tenacity and sophistication of cybercriminals, it can be difficult to effectively implement a strong security strategy. Training employees to recognise and avoid risks is an effective measure, but first, organisations must know what those risks are.

Fortunately, the team at Imagetext Integrated Solutions can help you understand your security concerns and develop an appropriate strategy. Contact us today to learn more.