Most people are aware of the malicious threats targeting their computers but many still don’t realise that their mobile devices are a lucrative business for cybercriminals.
The recent ransomware attacks targeting older versions of Windows PCs were among the most significant cyber attacks in recent digital history.
Though security professionals have long warned of this type of cyber attack, ransomware will continue to be a popular cyberattack, attracting an ever-growing number of malicious actors keen to cash in on the vulnerabilities.
It is time for organisations and individuals to take action to improve their cyber resilience immediately, not only on PCs but also on smartphones, warned Gert-Jan Schenk, vice-president for EMEA at San Francisco-based Lookout Mobile Security.
Lookout has a partnership with Microsoft to supply a mobile enterprise suite, and Microsoft has invested in Lookout.
In an increasingly mobile-first, cloud-first world, Schenk said the need for safeguarding corporate resources has never been greater.
“Today’s increasingly digital world means working remotely is only going to increase, as well as the use of smartphones to access corporate information. This means that smartphones desperately need the same level of protection we currently install on our desktops and laptops,” he said.
He said that an organisation that fails to address mobile security is wasting time and effort on maintaining other security measures because hackers can still gain access.
Schenk said the growing adoption of mobile in the enterprise sector has allowed for increased flexibility and productivity. But, due to this shift, mobile devices have rapidly become the target ground for a wide spectrum of risks that includes malicious targeted attacks on devices and network connections, a range of malware families, non-compliant apps that leak data, and vulnerabilities in device operating systems or apps.
“95 per cent of PCs have endpoint security while 95 per cent of mobile devices have no security despite mobiles having sensitive data on them. Mobiles today are as powerful as a PC but have no security,” Schenk said.
When asked why people are not bothered about the security on their phones, he said that it is due to the evolution of mobile technology. Mobiles started as phones, but now people are using their mobiles more than their PCs. A lot of companies and corporates still don’t understand what the possibilities of this device are. Most people have two identities on the mobile: personal and private.
“Most of the big security firms provide device management but when you look at the real security at what apps do with your data and protecting you against malicious attacks, there are many vendors but none of the traditional players provide mobile security for corporate users as well as consumers,” he said.
He said that most of the apps people are using on their phones are free but the business model of the free apps is to sell your data to third parties. Sometimes, it could be spyware that can switch on your camera and microphone remotely. Your address book data is money for another organisation.
Most apps come from the app store but, increasingly, many apps are sideloaded or downloaded from third-party app stores. Legitimate app stores have stringent measures, but apps that are sideloaded or from third-party stores don’t have security checks.
He said that many of the malicious apps are taken out of the app store but some apps slip through the process.
“Most organisations cannot keep track of the apps downloaded onto a mobile, so what we provide them is that organisations can set policies not to download apps that read the address book or apps that have access to the camera and microphone,” he said.
With Apple seeking to increase its penetration into enterprises, he said that they [Apple] have started issuing certificates so that organisations can develop apps quickly and post them on their company app store.
A lot of company apps do not come through the app stores, as companies don’t want their apps on the app store. Many companies are developing apps through third parties.
In the mobile threat landscape, “what we are seeing is the rise of targeted attacks. There is a lot of spyware for Android and Apple and it is a nasty type of malware. The adware is getting more aggressive and most people have ad blockers on their mobile device. The adware is capable of turning into a rootware. Once something is rooted, there are additional risks entering your device,” he said.
“We are seeing ransomware popping up but not as in PCs, and it is because mobile devices are not as easy to hijack as PCs. The recent ransomware is targeted at older versions of Windows that are not patched. The mobile OSs are better controlled in design. In PCs, people have access to the command line but in the mobile space, it is apps,” he said.
The Android ecosystem is not as controlled as Apple’s. Android is an open platform and app developers have easy access, which also brings risks into the platform.
He said that it is difficult for Google to win against Android malware, as Android has different versions as well as versions from smartphone manufacturers. That also means hackers are able to infect Android phones more easily than iPhones.
“Hackers will know you better than yourself by having access to your phone. The hackers can know who you talk to, get access to your emails and what you browse. It is easy for a hacker to predict your life,” he said.
As long as money can be made, he said that attacks are going to become sophisticated and more targeted. If hackers spread an attack too widely, the risk of getting noticed is higher. That is why the attacks “we are seeing today are very targeted,” he said.
With the advent of machine learning and artificial intelligence, he said that the company is able to analyse 90,000 apps every day, which would otherwise be impossible for humans to do manually.
“We analyse the code similarities as most of the malware is recycled. Hackers take the old malware and make some changes and the traditional platform will not spot it. They only look at the signature. What we do with the machine learning capabilities is that we look at the code being used. We recognise the code being used previously and block it.
“Computers don’t make mistakes like humans and it is faster. If something happens to one of the apps on your phone, we inform you that a service has been hacked and also produce a breach report,” he said.
Over the course of six months, Lookout found that on average, 47 out of 1,000 Android enterprise devices encountered an app-based threat.
As of April 14th, looking at over one million Lookout consumer devices, just 43 per cent of users had updated their iOS operating systems to or above version 10.3, leaving user devices open to security vulnerabilities patched by Apple in later updates.
Lookout found that one in 1,000 enterprise iOS devices is jailbroken while five in 1,000 enterprise Android devices are rooted.