The pandemic had a dramatic impact on business as usual for many organizations, causing many to shift to a remote work model with a significant percentage of their employees working from home.
The shift to remote and hybrid work models has caused widespread usage of mobile devices for business and has brought these devices to the attention of cybercriminals. As mobile devices have become a core part of how companies do business, 97% of companies have faced cyberattacks involving mobile threats.
As mobile devices have gained more access to corporate networks and sensitive data, the mobile attack surface has grown dramatically. Check Point explores the key mobile security trends in its Mobile Security Report.
Most organizations have experienced a mobile malware attack last year, and 93% of them began in a device network. The most common types of malicious network traffic from mobile devices include:
Malware has always been a major cyber threat, but with the growth of remote work and bring your own device (BYOD) policies, cybercriminals are increasingly targeting mobile devices. Last year, nearly half of companies (46%) experienced a security incident in which an employee downloaded a malicious mobile application. Some of the most common forms of mobile malware include:
In addition to malicious mobile applications, organizations also face cybersecurity threats from legitimate mobile apps. In 2020, several of the major social media applications (Facebook, Instagram, WhatsApp) experienced major vulnerabilities.
Also, the Google Play Core Library, which links applications to the Google Play Store, had a remote code execution (RCE) vulnerability. About 8% of Google Play Applications were exploited using this vulnerability.
The mobile applications running on a mobile device operate under the assumption that the underlying hardware is secure and operational. However, Check Point Research has found that at least 40% of mobile devices contain hardware vulnerabilities.
These low-level vulnerabilities can have a variety of impacts on a mobile device and its users, including:
Mobile Device Management (MDM) solutions are designed to allow an organization to centrally control all of the mobile devices within its network. While this can be an asset, it can also be a liability for an organization.
In 2020, cybercriminals have begun regularly targeting MDM solutions in their attacks. By exploiting an MDM controller, they gain control over all of the systems managed by that device.
In the past, mobile devices have not been a priority in corporate security strategies. With most employees working from the office and limited mobile device usage, mobile device security has been overshadowed by network and other endpoint security concerns.
As remote and hybrid work becomes more common, companies need mobile security solutions that can address the mobile security threats of now and in the future. A mobile security solution should include certain key features, including:
OS-Level Protection: Mobile devices are vulnerable to jailbreaking, rooting, and OS exploits that should be detected and prevented.
An effective mobile security solution provides protection against a range of mobile-specific and general cyber threats. Check Point Harmony Mobile is a Mobile Threat Defense (MTD) solution that meets the mobile security needs of the enterprise and provides full integration with other Harmony solutions for simpler management and improved protection.
To learn more about the current state of the mobile threat landscape, check out Check Point’s Mobile Security Report 2022. Then, learn more about protecting against these threats and what to look for in a mobile security solution with this buyer’s guide. You’re also welcome to see how Harmony Mobile meets your company’s security needs with a free trial.