
Decoded: Mobile security

Mobile devices are increasingly a means and opportunity for cybercriminals. This Decoded article sheds light on how they are targeted and infected.

By Jo Best

Wed 25 Oct 2017 @ 12:16

There are two main reasons why cyber criminals are turning their attention to attacking mobile devices: means and opportunity. In short, it's because there are more mobile users than ever, and the growing capabilities of smartphones and tablets make them an attractive target.

Mobile use is growing around the globe: almost half the world's population is expected to have a smartphone this year. Fully-fledged desktop or laptop PCs, meanwhile, are used by a far smaller proportion of people. By targeting mobile devices, cyber criminals have a far larger addressable market. And, with three-quarters of all internet use expected to be on mobile devices, they also have a greater window of opportunity in which to target their victims.

PCs used to be consumers' and organisations' main data stores and means of accessing online services, but as more and more users buy tablets with large screens or smartphones with desktop-like functionality, would-be attackers are porting their attacks from desktop to mobile, as well as finding new ways to target users through their devices.

And, thanks to the relative novelty of mobile threats, many users may not be aware that their phone or tablet may be at risk, and haven't taken the appropriate steps to mitigate the threat.

How can mobile devices be targeted?

Many of the same types of threats seen in the desktop environment are found on mobile devices too.

As on the desktop, cyber criminals are looking for unpatched flaws in software that they can exploit for their own ends. By taking advantage of vulnerabilities in the operating systems of mobile phones, criminals can, for example, spy on what the device's user is doing or take over the device entirely.

There has also been notable growth in malware that targets mobile hardware: thanks to their advanced operating systems, smartphones and tablets are also likely to find themselves infected with a virus. The virus can be used to spy on the user's actions and phone information, change privileges, take control of the device, or brick it entirely. Ransomware, a persistent menace on desktop PCs, is a small but growing threat for mobile devices.

How do mobile devices get infected?

Mobile malware can find its way onto devices through tried-and-tested techniques, such as when users open a malware-containing email or visit a site that contains malicious code.

However, there are other attack vectors that are unique to the mobile world. Take app stores, for example. Third-party app stores are a way for users to find useful new software for their phone, but they're also where criminals upload seemingly benign apps that in fact contain malware. There have been several high-profile instances of apps that included mobile malware being downloaded from third-party stores tens or hundreds of thousands of times.

The iOS App Store and Google Play review apps before making them available to download, which generally makes them a safer bet than third-party stores. However, despite Apple and Google's vetting processes, malware-containing apps do still turn up in their own respective app stores.

There are also other ways that attackers can gain unauthorised access to a phone or tablet, including through wi-fi. Cyber criminals can set up public wi-fi access points that can steal data from those who connect to them. Users may think they're connecting to the local free wi-fi but may be inadvertently handing over data to those running the malicious hotspot.

What other mobile security threats are there?

Work tablets and smartphones are repositories of vast amounts of sensitive corporate information – and they're also vulnerable to being lost or stolen.

Organisations often focus on the software side of device security, rather than the physical side, but efforts to mitigate the effect of lost devices, such as remote lock and wipe, should be part of any mobile security strategy.