A recent study from Check Point found that every business has been hit by at least one mobile cyberattack during 2017. Key findings of the report were:

  • Every company is under some form of mobile attack
  • The most affected industries are financial services and government
  • Most mobile attacks occur on businesses in the Americas
  • iOS devices are not immune to breaches, but the majority of attacks are on Androids

To help us go a little deeper on the findings, we talked with Brian Gleeson, head of mobile product marketing at Check Point.

Q: According to the report, the industry sectors that experienced the most mobile malware attacks were Financial services (29%) and government (26%). Why is that and what should they be doing differently?

A: It’s pretty simple: Both industries offer valuable caches for attackers, such as large repositories of financial and personal information. In my opinion, there are four key things CISOs should be doing to address this:

Brian Gleeson
Brian Gleeson, Head of Mobile Product Marketing
  1. TAKE A CLOSER LOOK. Do your policies need updating? Mobile technology moves fast, so the security plans you make today could easily be outdated tomorrow. Make sure that whatever policies you’re enforcing on mobile devices can keep up with the security concerns that emerging technologies can throw your way.
  2. DETECT ALL RISKS. Do your current solutions detect both known AND unknown threats? It’s easy to detect vulnerabilities and threats we know about, but it’s much harder to identify the ones we’ve yet to see. The right solutions let you look at suspicious behaviors for key indicators of previously unknown attacks.
  3. INTEGRATE CURRENT WITH NEW. Do your newer security solutions integrate with your existing systems? Marrying what you already have with complementary new solutions is a great way to extend their life and protect your investment. Advanced mobile security should be woven into these systems for maximum protection.
  4. COVER ALL YOUR BASES. Do you manage a platform or patchwork? Keeping employees productive and secure while mobile requires unified and comprehensive security that protects devices, networks, and apps. This ensures your sensitive business data remains safe no matter how or from where it’s accessed.

Q: Why are Androids more prone to attacks than iOS? Are cyberattacks on iOS devices on the rise? 

A: Android – because it is an open operating system – is more prone to malware and hacking exploits. Apple, meanwhile, has done a very good job securing iPhones and iPads. But it is not invulnerable to attacks. What’s remarkable is that companies in tightly regulated industries, such as the financial services sector, insist that their employees use iPhones because they believe they are secure. And yet, the research shows that financial services and government are among the highest with compromised iOS devices.

Q: The study looked at the types of mobile malware hitting businesses–premium dialers, infostealers, rough ad networks, and mRATS (mobile remote access Trojans). What are these and what makes them attractive to hackers?

A: Premium dialers abuse SMS and call permissions to charge the device’s owner for fraudulent calls and text messages to premium services. These pesky malware, such as ExpensiveWall, operate silently and sometimes can be found on official app stores.

Infostealers are malicious software programs that gather confidential information from the compromised computer or device.  An infostealer is a type of Trojan program that has a very specific payload goal.

Rough ad networks are online advertising networks that connect advertisers to web sites that want to host advertisements. But when the rough ad network is laced with malware, it games the system by simulating ad clicks and downloading software so the ad network gets paid for fraudulent activity.

mRATS or Mobile Remote Access Trojans are tools that let attackers access infected devices remotely and gather information from all the sensors available on the device. That can include its camera, microphone, message and call directories, and much more.

Q: What are the industry analysts saying about all this?

A: Patrick Hevesi of Gartner was quoted in Dark Reading as saying, “There are billions of mobile devices for the attackers to try and gain access and some form of monetary gain….I feel as more and more people continue to make phones and tablets their primary device, the attacks will continue to grow.”

Dark Reading also talked to Phil Hochmuth from IDC. Hochmuth pointed out that BYOD devices are usually more susceptible to attack than corporate devices because they are not managed by the same level of security measures as an enterprise mobility management platform or mobile threat management platform which can be more restrictive.

Get the full report on mobile cyberattacks here.