What is the current state of mobile security? Part 1
John Shier, senior security adviser at Sophos
If you’re like most people, your phone is by your side throughout your day. Thanks to payment apps, mobile GPS and mobile banking, our phones now double as a wallet, map, bank and so much more.
As new mobile technologies gather more data about us and integrate with almost every part of our lives, says John Shier, senior security adviser at Sophos, mobile security is getting an increasing amount of attention.
Here at Sophos, we are constantly researching the latest mobile threats. The good news is that in general, the state of mobile security is better than popular perception would have us believe. Mobile devices are increasingly making use of important security tools such as encryption, and subsequently are more difficult to hack than most people think. This holds true for most people who aren’t the targets of a well-funded and motivated attacker.
While this is encouraging, it is important that users still ensure that they are following proper mobile security precautions in order to avoid attacks, especially as dangerous new threats come to light from IoT-enabled devices controlled by smartphones. Likewise, mobile data privacy remains a key concern for consumers. So what are the biggest threats to mobile devices, and how exactly can users protect themselves?
Keep your apps secure
A large amount of malware infiltrating mobile devices is being downloaded onto phones through apps. These apps are usually downloaded on Android devices from a third party app store, and are often non-English apps that are unavailable in the Google app store. Downloading apps from these third party app stores opens users up to trojanised apps infected with malware. Similarly, ‘jailbreaking’ mobile devices in order to download unauthorised apps and software is likely to open users up to inadvertently downloading malware.
Often malware contained in trojanised third-party apps is associated with ad fraud. Apps infected with this type of malware typically automatically download other apps containing display ads. Every time these apps launch on the user’s phone, the cybercriminals responsible for the malware will get a fraction of a penny for that ad view.
A second popular type of attack we have seen contained in trojanised apps involves malware that automatically sends SMS text messages to premium rate SMS numbers. The malware will then delete warning notifications from the network provider and the messages from the sent folder, so the victim won’t notice the money being spent on SMS messages. Cybercriminals will again get a cut of the profits.
One cyberattack that we haven’t seen in wide use on mobile is ransomware. Unlike when ransomware infects a desktop or laptop, if a mobile becomes infected it’s likely the victim would need a second device to pay the ransom, something a cybercriminal couldn’t guarantee. The second challenge is that most users’ valuable mobile data is stored in apps that ransomware cannot get access to and is usually further protected by being backed up in the cloud.
Ultimately, ransomware is a less profitable option for cybercriminals than other schemes. Nonetheless, being infected with mobile ransomware is still possible and so it is critical that consumers maintain proper mobile security practices in order to protect themselves from this and more prevalent threats.
The author of this blog is John Shier, senior security adviser at Sophos
Comment on this article below or via Twitter @IoTGN