The Most Common Mobile Security Threats in 2022

While we may think of cyberattacks as being mainly directed at computers and servers, mobile phones are increasingly the target of cybercriminals hoping to steal personal or corporate data. The threat has risen sharply during the pandemic: People working from home have used their mobile phones to access company platforms and software, while home shopping has also seen a huge boost. These activities offer scope for criminals to gain access to mobile phones.

Android phones are particularly susceptible to attacks: The Nokia Threat Intelligence Report 2021 identified over 33 million unique Android malware samples, a year-on-year increase of 13.7%.

Mobile security threats are essentially attacks intended to steal data from mobile devices such as smartphones and tablets. Malware or spyware is used to gain access to mobile devices. From there, criminals can perform malicious acts ranging from accessing contacts and making calls to stealing and selling data, particularly location data, which is very lucrative. In addition to affecting individual users, a breach could allow attackers to gain access to login credentials for the network of the user’s employer, potentially leading to a large-scale leak of data.

There are four main categories of mobile security threats:

• App-based threats occur when users download malicious apps or fail to check if it is safe to grant the app access to their device.

   

• Web-based threats happen when people visit websites that seem legitimate and secure but that in reality download malicious content onto their mobile devices. These threats can be particularly damaging, as they can go largely unnoticed.

   

• Network threats most commonly work through free-to-use public Wi-Fi connections, which can often be insecure. Some attackers will even set up a fake Wi-Fi network, a technique known as Wi-Fi spoofing. They trick users into using the compromised network, and they can then gain access to the user’s device and credentials.

   

• Physical threats occur when the device is lost or stolen. If it falls into the wrong hands and the device is not protected by a strong password, PIN, or other form of protection, it is vulnerable to attack.

   

Users, as well as corporate IT security departments, should understand the different categories of mobile threats. This will ensure they know when and how devices might be vulnerable to attack and adapt their behavior and processes to ensure they are protected.

There are a number of threats facing the unsuspecting mobile user.

Mobile Apps that Mine Corporate Information

Giving information to illegitimate apps can be a bigger risk than that posed by malware. Corporate users will often give these apps a wide range of information, data that may then be sent to remote servers across the globe. Cybercriminals and governments can then mine this data to gain access to corporate networks. This is a significant risk, largely because users don’t recognize the danger. To avoid these problems, users should give apps only the permissions they really need.

Tampered Mobile Apps from Untrusted Sources

Users may be tricked into installing apps from untrusted sources (instead of from official mobile application stores). Applications from unofficial stores do not go through Apple’s or Google’s verification process and therefore may include a tampered version of the original application, which includes malicious code. To avoid this attack vector, organizations should block their users from using unofficial applications.

Phishing Attacks

Phishing is the practice of sending emails that appear to be from a reputable company. The intent is to get individuals to reveal sensitive personal information, such as credit card numbers and passwords. As most mobile phones are always on, they are prime targets for phishing attacks. Many mobile users also often monitor their email constantly, opening messages as soon as they are received.

Android Fragmentation

Many millions of mobile devices use the Android operating system–and that is a part of the problem. The operating system is so popular that many companies incorporate it into their products. Variations and custom interfaces add to the complexity, and as a result, upgrades and security patches are often missed.

Mobile Ransomware

With the increasing use of mobile phones to access corporate data, mobile ransomware is a growing problem. Similar to ransomware that infects computers, mobile ransomware encrypts files on a mobile device and then demands a ransom to restore the user’s access to files. Attackers using ransomware may also steal large quantities of data before blocking access to its legitimate owners.

Jailbreaking, or Rooting

Jailbreaking, or rooting, means removing software restrictions put in place by the device manufacturer. It allows the device to install unauthorized or third-party software, including digital currency miners. Attackers who use this technique gain privileged administrator access to mobile devices. These permissions give attackers greater access than the default permission, allowing them to do more damage and steal more data. The process is made easier because many users will jailbreak their own devices. Deploying software that includes rooted and jailbroken device detection is an important way to mitigate this threat.

Trusting Users

Many users are unaware of the serious security threats to their mobile devices, and many users do not see mobile security as their concern. Even more users think that losing a mobile phone with company data on it is not a big threat. Company employees who lack awareness of mobile security are becoming a major threat to organizations, which need proper processes in place to educate their staff about the risks.

Network Spoofing

Some hackers set up fake access points that look like real Wi-Fi networks. They trick users by adopting legitimate-sounding names like ”‘Airport Wi-Fi”. These encourage people to set up accounts to access the “free” services advertised. The danger comes because many people use the same email and password for many services, giving a hacker a route to compromise users’ email, banking, and other services.

Encryption Gaps

End-to-end encryption is one of the key tools in securing information. With this method, data is encrypted all the way from one device, through the network, to the end-point device. A point on this route that breaks this chain is known as an encryption gap.

One of the major culprits is unsecured public Wi-Fi networks. Because they are not secure, they leave a hole where cyberattackers can access the information sent from an enterprise network to employees’ phones. Using VPNs is an effective approach to mitigate this threat.

Ping Identity offers solutions that ensure mobile users’ data remains private and is shared only with authorized companies and organizations. Ping One for Individuals is used to issue digital identity cards to a company’s users. These cards are tied to verified data and stored in a digital wallet. This makes it easy for people to share their personal data securely with a simple link or by scanning QR codes.

PingOne Protect detects suspicious devices based on various device and network attributes, automatically challenging or blocking transactions from an untrusted device in real time.

For employees, PingOne for Workforce (including solutions that check for rooted and jailbroken devices) can connect any user to any app on any device. Using adaptive authentication, it gives employees seamless access whether they are at home, in the office, on the road, or anywhere they might need to work.