We are all using more and more mobile endpoints. This allows knowledge workers to be productive almost anywhere, but simultaneously, it brings us face to face with an increasingly complex threat landscape. According to recent figures from Kaspersky, mobile devices are an increasingly popular target. We discussed this with Lead Security Researcher Marc Rivero and Senior Product Marketing Manager Oleg Gorobets.
Rivero cites statistics that show that cyber criminals are fully focused on mobile endpoints. Last year, Kaspersky detected more than 33.3 million attacks on smartphone users. Various types of malware and unwanted software are involved. Adware accounts for 57 percent of the attacked users, followed by Trojan horses (25 percent) and RiskTools (12 percent). A notable shift is the explosive growth of Trojan banker malware, which steals user data for online banking, e-payment services and credit card systems. The number of attacks with this type of malware rose from 420,000 to 1,242,000, which brings it to fourth place with 6 percent.
Despite years of warnings, it is difficult to ignore that smartphones are a growing target. The relatively weaker security layers of smartphones and tablets make it more attractive for cybercriminals to circumvent traditional defenses. It is easier to complete a phishing attack via mobile devices, there is less control over app stores, and there is more reliance on public Wi-Fi networks. In addition to this, endpoints are used to access business applications, and it is easy to see why cyber criminals are attracted to carrying out attacks. Ideally, we will move towards a world in which we make the risks manageable because, despite the risks, we cannot do without these devices.
Mobile devices are the weak link
With mobile endpoints, there is an increased risk of the device being lost or stolen. This has far-reaching consequences. Not only do you physically lose the object, but also control over sensitive information. From a security perspective, you can make relatively easy gains by embracing multi-factor authentication. You can choose from various options, although the quality of the factor diferentiates. An authenticator app is often preferable, emails less so because they are an attractive target for hackers.
If you want to get this right as a company, you can choose to roll out and enforce an MFA policy. This makes it much more difficult for attackers to exploit a number of poorly secured endpoints. It is also wise to check whether you have invested sufficiently in mobile security. Are the vulnerable home networks used in the hybrid era sufficiently monitored? Do you have a thorough patch policy? Are there sufficient security solutions that recognize and eliminate malware threats?
Democratization of cybercrime
Although the ease of entry is to blame for the large wave of attacks coming towards the endpoints, it is not the only factor. The emergence of advanced threat tools on the dark web has enabled even less tech-savvy individuals to perform powerful cyber attacks. For a relatively small amount of cryptocurrency, an amateur can purchase malware-as-a-service and launch an attack that can majorly impact a company. This malware-as-a-service is also fully maintained and developed.
This democratization of cybercrime means that the threshold for carrying out attacks has been lowered. In the past, someone needed knowledge of coding and networks to successfully attack. Nowadays, a little knowledge of technology is enough to carry out very damaging attacks. Even on mobile endpoints, because one weak point can be the gateway to many more parts of the company network. The damage costs for a company can then rise to hundreds of thousands or even millions of euros.