Hybrid working has been a game-changer for individuals and businesses around the world. It accelerated the adoption of digital technologies, transformed day-to-day business processes and showed the world that it could work, no matter the situation.
However, a fragmented workforce adds further complexity to the threat landscape. Security teams must manage a multitude of new vulnerabilities and face the near impossible task of securing multiple networks and IoT devices.
As millions of us now embrace a hybrid working model, smartphones have become an essential tool for daily business transactions. According to App Annie’s State of Mobile 2022 report, users in the world’s top ten mobile markets collectively spent 3.8 trillion hours looking at their mobile devices in 2021. That’s an average of 4.8 hours per day. , an increase of 30% compared to the previous two. years and although the use of mobile malware is decreasing, mobile devices still pose a significant risk to organizations. According to our Check Point research, there has been a 45% increase in cyberattacks since the shift to remote working, which has put a lot of pressure on IT teams as they seek to secure user devices.
With such use in a fragmented landscape, it’s no wonder cybercriminals see mobile as the perfect launchpad for a large-scale attack.
Increase in vishing and smishing cyberattacks
Modern mobile devices are more powerful than ever, with sophisticated operating systems and a wide range of applications and services. While this complexity may create more opportunities for attackers to find vulnerabilities and exploit them, manufacturers such as Apple, Samsung and Google have developed handsets with strict security settings. This makes traditional attack methods like malware more difficult in civilian environments. It is always possible to circumvent security measures and we have seen an increase in malicious apps posing as legitimate products on app stores, however many do not pass the download phase.
The actions of these big companies have caused cybercriminals to move away from traditional attack methods, such as malware or ransomware, and find new tactics to exploit users. In the past two years, vishing and smishing cyberattacks have grown significantly in popularity, which is not surprising considering that the number of daily voice messages sent via WhatsApp will reach seven billion in 2022, according to the company. . Phishing, also known as voice phishing, often involves an attacker impersonating a representative of a legitimate organization and using voice communication to steal user login credentials. Similarly, smishing is a tactic that uses SMS messages or messaging apps to build rapport with their victims and coerce them into sharing sensitive information.
What is the reason for the increase in vishing and smishing attacks? There are several factors: the increased use of mobile devices, the sudden growth of remote working, and the sophistication of attackers and the technology they use being a handful. The amount of sensitive data passing through them means that they have become an attractive target for cybercriminals.
According to the US Federal Trade Commission, vishing attacks alone cost US victims $124 million in 2020. For example, the same year the FBI issued a warning about a vishing campaign targeting workers from a distance. The attacker posed as an IT help desk and used social engineering tactics to trick victims into sharing their private login credentials and other sensitive information. More recently, Check Point Research encountered an Android Trojan dubbed FakeCalls, a piece of malware capable of impersonating more than 20 financial apps and mimicking phone conversations with bank employees.
Vishing and smishing attacks are increasingly being used for identity theft and financial fraud, a trend that shows no signs of slowing down. But what else can we expect in the mobile vector in 2023 and beyond?
Evolution of ransomware in the mobile world
Ransomware attacks typically rely on the ability to encrypt files on a device and demand a ransom for delivery. However, mobile devices and their operating systems have built-in security features that prevent unauthorized access to data stored on them. For most of us, this data is also stored or backed up in the cloud, making it difficult for would-be attackers to steal victim credentials through the device. Therefore, ransomware attacks are not as prevalent on mobile devices as they are on traditional desktops and laptops.
That’s not to say it’s not something we might see in the future. If ransomware attacks become more common on mobile devices, they could have significant consequences for individuals and organizations. As mobile devices are often used to store sensitive personal and business data, a successful ransomware attack could significantly damage an organization’s reputation and have serious financial implications.
Additionally, mobile ransomware attacks could potentially impact critical infrastructure, which from a geopolitical perspective could be an extremely powerful weapon. Once a device has been hacked, bad actors could use it as a platform to steal top-secret information about anything from future government policy to the technical specifications of new weapons. Moreover, it could even be used as an entry point to launch a much wider attack.
Approach to mobile security
As the world becomes dependent on mobile phones for communication, business and transactions, ensuring device security must be a priority. Organizations can take several steps to strengthen their mobile security procedures, including:
Undertake employee training. Arguably one of the most effective ways to prevent cyberattacks on mobile devices is to educate employees about the risks and how to avoid them. This could include regular training sessions on the safe use of mobile devices, as well as regular reminders on the importance of security.
Implement mobile security policies. Organizations should have clear policies in place regarding the use of mobile devices. This should include guidance on installing apps and accessing sensitive data. Policies should be regularly reviewed and updated to reflect evolving threats and technologies.
Monitor and update mobile devices. Monitoring mobile devices for suspicious activity, such as unusual network traffic or unexpected app behavior, could identify threats before they occur. Devices should also be regularly updated with the latest security patches and software updates, as well as prevention-focused security software, instead of just detection software, to fix any known vulnerabilities in order to prevent them. to prevent such attacks from occurring.
Perform regular security assessments. Regular security assessments could help identify vulnerabilities and areas for improvement in an organization’s mobile security posture. This may include vulnerability scanning, penetration testing, and social engineering testing.
The growing sophistication of mobile device attacks reflects the changing threat landscape and the growing importance of smartphones and IoT devices in our daily lives. Therefore, it has never been more important for individuals and organizations to be aware of the risks they face and take steps to protect against this growing trend of new age threats.
Eli Smadja is head of the security research group at Check Point Software Technologies, a US-Israeli multinational provider of software and combined hardware and software products for computer security.
