Mobile devices have become an increasingly vital component of many organizations’ IT infrastructure. The surge of remote work in response to the COVID-19 pandemic makes these devices the most convenient choice for many employees. However, mobile devices also carry significant security risks. As they become “critical infrastructure” for organizations, mobile security is a major concern: 54% of organizations feel that their mobile devices are less secure than other endpoints.
Mobile devices can be attacked at different levels. This includes the potential for malicious apps, network-level attacks, and exploitation of vulnerabilities within the devices and the mobile OS.
As mobile devices become increasingly important, they have received additional attention from cybercriminals. As a result, cyber threats against these devices have become more diverse.
Like desktop computers, mobile devices have software and Internet access. Mobile malware (i.e. malicious applications) and malicious websites can accomplish the same objectives (stealing data, encrypting data, etc.) on mobile phones as on traditional computers.
Malicious apps come in a variety of different forms. The most common types of malicious mobile apps are trojans that also perform ad and click scams.
Mobile ransomware is a particular type of mobile malware, but the increased usage of mobile devices for business has made it a more common and damaging malware variant. Mobile ransomware encrypts files on a mobile device and then requires a ransom payment for the decryption key to restore access to the encrypted data.
Phishing is one of the most common attack vectors in existence. Most cyberattacks begin with a phishing email that carries a malicious link or an attachment containing malware. On mobile devices, phishing attacks have a variety of media for delivering their links and malware, including email, SMS messaging, social media platforms, and other applications.
In fact, while emails are what people most commonly think of when they hear phishing, they are not even close to the most commonly phishing vector on mobile devices. In fact, emails only account for 15% of mobile phishing attacks, placing them behind messaging, social media and “other” apps (not social, messaging, gaming, or productivity).
Man-in-the-Middle (MitM) attacks involve an attacker intercepting network communications to either eavesdrop on or modify the data being transmitted. While this type of attack may be possible on different systems, mobile devices are especially susceptible to MitM attacks. Unlike web traffic, which commonly uses encrypted HTTPS for communication, SMS messages can be easily intercepted, and mobile applications may use unencrypted HTTP for transfer of potentially sensitive information.
MitM attacks typically require an employee to be connected to an untrusted or compromised network, such as public Wi-Fi or cellular networks. However, the majority of organizations lack policies prohibiting the use of these networks, making this sort of attack entirely feasible if solutions like a virtual private network (VPN) are not used.
Jailbreaking and rooting are terms for gaining administrator access to iOS and Android mobile devices. These types of attacks take advantage of vulnerabilities in the mobile OSs to achieve root access on these devices. These increased permissions enable an attacker to gain access to more data and cause more damage than with the limited permissions available by default. Many mobile users will jailbreak/root their own devices to enable them to delete unwanted default apps or install apps from untrusted app stores, making this attack even easier to perform.
Often, the focus of cybersecurity is on top-layer software, but lower levels of the software stack can contain vulnerabilities and be attacked as well. With mobile devices – like computers – vulnerabilities in the mobile OS or the device itself can be exploited by an attacker. Often, these exploits are more damaging than higher-level ones because they exist below and outside the visibility of the device’s security solutions.
With the large and diverse mobile threat landscape, businesses require enterprise mobile security solutions. This is especially true as the shift to remote work makes these mobile devices a more common and critical component of an organization’s IT infrastructure.
An effective mobile threat defense solution needs to be able to detect and respond to a variety of different attacks while providing a positive user experience. Accomplishing this requires implementing these guiding principles:
Check Point’s SandBlast Mobile provides a comprehensive mobile security to keep corporate data
safe by securing employees’ mobile devices across all attack vectors: apps, network and OS solution. Check To check outsee SandBlast Mobile’s capabilities for yourself, request a personalized demo with a mobile security expert. You’re also welcome to try it out for yourself with a free trial. And for further information about the guiding principles and other important aspects of a mobile security solution, check out this mobile protection buyer’s guide.