mobile devices reach deep
into corporate servers and sensitive databases
increasing our exposure to cyber-attack
The mobile threat landscape is front of mind for organisations in 2020 and even more so with the shift to remote working due to Covid-19.
The fall-out from a cyber-attack can be disastrous, both personally for employees and also for the company, especially if the personal data of customers is compromised. A cyber breach will erode public trust and damage corporate reputation. It can also be extremely expensive.
And there is no hiding from security breaches. Since the Mandatory Data Breach Notification Scheme came into effect in Australia, in February 2018, penalties for failing to report breaches are severe.
Mobile Threat Landscape 2020
Mobile-targeted threat is growing
Cyber-attacks are usually thought of as targeting networks, but the mobile threat landscape is a fast growing risk. In fact mobile phishing attacks increased by 350% in March 2020 as hackers targeted employees working from home.
With more web traffic now taking place on mobile than desktop, scammers are taking note by hitting victims with regular device-centric scams that leverage SMS and popular apps like WhatsApp.
Many organisations have embraced BYOD (Bring Your Own Device) policies with unsecured devices reaching deep into corporate servers and sensitive databases. Attackers have found new ways to trick end users into actions which have allowed malicious infiltration and theft of highly confidential identity data.
MobileCorp mobile security consultancy
Mobile security solutions provide protection by preventing, detecting and remediating attacks.
After 30 years specialising in mobility, MobileCorp can leverage extensive knowledge and experience in a mobile security capacity.
MobileCorp deploys and manages security SaaS products from market leading vendors. We focus on mitigating threats at Device, Network and Application layers.
While mobile security programs can standalone, they are more sensibly managed in combination with an MDM|UEM environment.
Our services include:
Common mobile-centric threats in 2020
Targeting organisations through mobile devices is becoming more common with attack vectors including:
- Mobile phishing is on the rise with a new phishing site launched every 20 seconds and only active for an average of 4 hours. Meanwhile 85% of mobile phishing is occurring outside of email. There are numerous channels to reach a mobile device that, unlike email, are not under phishing protection. This makes mobile devices a good choice for attacks, to commit fraud directly or are part of a larger attack.
- Malware – spyware, ransomware, trojan, banker, adware – are all increasing and becoming more aggressive. They aim to steal data or lock the user out of data to cause inconvenience.
- Malicious URLs sent via email, text, social or instant messaging and other apps, are almost impossible for an end user to detect with phishing sites now utilising HTTPS certification or Punycode attacks.
- Rogue Wi-Fi hotspots involve hackers masquerading as a free public Wi-Fi network and enticing users to connect allowing the theft of identity data.
- Counterfeit apps, many of which are found on official App stores, require permissions to download. Detailed data from users, including geographic location information, email addresses and device unique identifier numbers, is easily siphoned off by hackers.