Remember when mobilegeddon was all the rage throughout the
net? It was interesting on the surface,
but unless you were a marketing professional, you probably just took those
announcements in stride. Why focus your
efforts on understanding the details of the mobile presence for Google if you
barely have to interact with it? In a
way, that sort of thinking does make sense (unless, of course, you have a
business that has any sort of digital presence), but the whole mobilegeddon
event threw into light a major aspect of technology that has been digging its
heals into every instance of our lives: mobile security and access.
Mobile security is on the rise; with a lot of new efforts
being made to try and secure data files that get accessed and stored on mobile
devices from secure data centers. For
the hacking game, this means there is an increasing focus on the security of
mobile devices in general.
Say Hello to the Rising Tide of Mobile Security
So how does the whole mobilegeddon
bit affect mobile security? Well, it
doesn’t, really. At least, it doesn’t affect mobile security in a direct way. What
the mobilegeddon event did was show everyone just how important mobile phones
are in the current age. Whether it is just for searching and browsing or for
altogether active engagement with work life – mobile use is here to stay.
According to Forbes, even in 2013
the numbers were trending upwards.
Of note from the article, 82 percent of U. S. adults own a cell phone,
there are 5X as many cellphones in the world as PCs, and more importantly
for this discussion, over 73 percent of smartphone users say they
used the mobile web to make a purchase instead of using an app.
That is a whole lot of cell phone use – and a lot of
opportunity for the growing field of mobile security.
After all, if you throw anything into the limelight for long
enough, people are going to begin to notice.
Mobilegeddon illustrated the rising importance of mobile access for all
the world to see, and everyone noticed.
Unfortunately, it isn’t always the people you want.
In the security world, those people are hackers – and if
more individuals are operating their lives through a digital persona on their
cell phone, hackers are going to want a piece of that action.
I can’t really say that I blame them – the stats speak for
themselves!
With more and more business and industries creating mobile
purchasing apps that end users jump right into (think Etsy or even whichever
banking app you happen to use), strong mobile security is a necessity in the
modern world. Unfortunately, most users
don’t tend to think about that when they use their phones.
The worst part, as illustrated by this
article on DarkReading: end users have no issue with removing data from a
secure data center and storing it on their mobile device (also, check out this
article on A
Firewall Security Challenge if you want to read more about the importance
of a firewall in network security).
Mobile security might not be an important issue for the individual user,
but when sensitive, corporate data is thrown into the mix, it becomes a whole other
ballgame.
Mobile Malware – Stronger and more Prevalent
Quick – what is your mobile anti-virus and anti-malware
solution?
Like most people, you probably don’t have one. Today, that might not be a huge issue. Tomorrow, however, that could put your bank
account and even your company at risk.
Being a proactive HackerAttacker, you should expect the bad guys to be
one step ahead of the curve, and so it is important for you to be one step
ahead of them.
Sara Peters wrote an interesting article on the increasing
trend of appearances of android malware and the potential impact this may
have on mobile security. With the steady
yet constant increase in mobile use, it was only a matter of time before attackers
started looking at mobile access as a weak link into a slue of profitable
information.
The biggest issue that malware presents for mobile security
is its quiet approach. Mobile malware is
still a silent threat – making very little noise and striking where we least
expect it. After all, who expects their
phones to be targeted – what with the increasing amounts of cat pictures and
tap games that some of us store on them. We often forget how profitable any
little bit of our information can be in the wrong hands.
 |
| You just wanted to cuddle...then you get attacked |
In reality, this is a huge problem.
Peters quotes the security Evangelist for G Data, stating,
“Does everyone know they need anti-virus for their phone…I don’t think they
know that yet.” This is a startlingly important statement. You can almost hear the warning in that final
word ‘yet.’ A change is coming, and we all need to be prepared for it when it
arrives.
At this point in time, there are no instances of massively
high-impact malware that are infecting user devices. According to the Verizon
Data Breach Investigations Report, “…less than 0.03 percent of mobile
devices are infected with ‘high-impact’ malware each year and mobile phones
were not being used in remote attacks.” Be that as it may, that does not mean
that there is nothing o worry about when browsing on your phone or copying
company data from the cloud.
Mobile security should be a major concern.
There are two financially motivated Trojans that Peters
refers to in her article – the Svpeng Trojan which can “…steal credentials or
other access data when a banking app is used, or it can encrypt the device;”
and there is the Faketoken Trojan which, “…steals your mTANS (transaction
authentication numbers), which attackers can then use to transfer money to
their own accounts.”
While they have not been the cause of significant data loss
as of yet, this is only the beginning.
Enhancing Mobile Security – Protect the Future Now
According to the International
Data Corporation, the Android market share for early 2015 is outshining
Apple by quite a bit (holding 78 percent of the market, to Apple’s 18.3
percent). So it makes sense that malware
creators would target Android before Apple – this is a stepping-stone to a
potentially larger mobile market for attackers.
If mobile security and awareness does not increase – and
increase soon – more individuals could be inadvertent targets of identity theft,
or even unwitting accomplices in company-scale data breaches. Right now, the field of mobile malware is
likened to a testing ground for attackers, but it only takes one mistake due to
lack of awareness to lead to a massive data breach – costing a business
millions. A simple way to avoid this is
to adopt anti-virus and anti-malware systems for your mobile devices now, as
opposed to when you have already become the victim of a mobile security
breach.
As a HackerAttacker, you know that digital subterfuge and
cyber warfare is constantly moving forward, often faster and more ruthlessly
than we can keep up. When something like
these issues with mobile malware and mobile security crop up and quietly die
away, they should never be forgotten. Be
proactive, and erect your defenses early to protect and secure your
future. The world is shifting to allow
access to personal and company information on the go, and your security should
follow suit. Enhance your mobile
security and protect the future today!
No comments:
Post a Comment