As mobile devices have become one of the main working tools, they have become the target of cyber-attacks. Taking cybersecurity measures on mobile is vital to prevent these types of e-threats.
iOS and Android dominate the global mobile operating system market. The popularity of an operating system increases the risk of cyberattacks, since the more users use it, the more likely the attacker is to gain access to privileged information.
Both Google and Apple, the companies that develop these systems, seek to detect and fix security flaws before someone takes advantage of them to steal corporate information. In 2018, 125 vulnerabilities were detected in iOS and 611 in Android. Although these are high figures, they are lower than in 2017, which is positive given the increasing complexity of operating systems (which have ever more capabilities and functionalities) and their growing use in different devices (watches, TVs...).
Despite the obvious improvements and the efforts companies have made to secure their operating systems and applications, it is still necessary to take precautions to avoid becoming a victim of a cyberattack.
Why are mobile devices so vulnerable to cyber-attacks?
Cell phones have become the center of our work and personal lives. We use them for everything at any time and that is why they are the perfect target for cybercriminals. Through a cell phone you can have access to a large amount of information, but it can also serve as a key to access other sites (company servers, emails, hard drives, home automation, smart devices, etc.).
The threats are serious; one example is user identity theft. Personal logins and passwords on any device are used for one reason only: to verify the user's identity and allow private access to that information. Therefore, the first step in obtaining sensitive information from a device is to impersonate the user in all the services and applications they may use. If a cybercriminal gets hold of our virtual identity (by stealing passwords), he will be able to access all applications, bank accounts, services, etc. without restrictions.
The way to avoid this identity theft is to try to use secure passwords and encryption protocols in communications. It is also advisable not to use the same password in two different services and to be careful when working from a public place. There are times when the user may be the victim of an attack without even knowing it.
There are some types of malware that simply send reports on user behavior and activity. This can include anything from browsing history to information about installed applications that can give attackers clues about how to get sensitive corporate or personal information. Data theft is one of the main problems, especially at the corporate level. The use of ransomware, a program that restricts access to the device or a part of it by preventing access to the information unless a ransom is paid, is sadly common. As the attacker is the only one who can unlock it, some users pay the amount demanded to try to recover their data. During 2018, Colombia was the Latin American country most affected by ransomware attacks. One in three attacks occurred in this country. Because cell phones are portable and connect from many different locations, it is much easier for an oversight to lead to a loss of control of the system and its contents.
Ideally, in the business environment, the company should put the necessary prevention mechanisms in place, in order to establish protocols and have the appropriate protection software for each case.
Main security risks for smartphones
Although viruses and malware work in a similar way on desktop and mobile devices, the physical and technological characteristics of the latter make them more exposed to certain types of attacks.
Mobile devices are vulnerable to spam through email clients, and the threat is compounded by short messages (SMS), which, despite seeming innocuous, are also very dangerous and can give the attacker a gateway to our device. Spam is not only a nuisance, but a serious security problem.
Any wireless connection is a potential entry point for a cybercriminal. Wifi, 4G, Bluetooth... Being connected permanently and anywhere has increased the risks.
Sending misleading communications (phishing) is often more problematic on mobile devices, as the ability to recognize whether a notification or email is legitimate is usually impaired.
Theft or loss
It is much easier to access a mobile device physically than online. Theft or loss is one of the risks inherent to smartphones and tablets that does not occur with desktop computers.
Shopping and payments
Almost all modern smartphones have payment capabilities, either through online apps or features such as NFC chips. Without strong protection against intruders, this can be one of the biggest problems we can encounter.
There are a multitude of malicious applications that go undetected in the Google and Apple app stores. The companies try to detect them but this is not always possible.
Prevention mechanisms on mobile devices
Although we are all exposed to threats on the Internet, a series of preventive actions can be taken in order to avoid, as far as possible, becoming a victim of a cyberattack.
Mobile devices connect to the Internet either via an internal network (Wi-Fi) or via telephone antennas (4G). In both cases there is a risk for the user, since communications could be intercepted in transit or the device could be accessed through these signals. To avoid this, it is advisable to have monitoring solutions to keep track of the data and the status of IT infrastructures, but it would also be advisable to follow these tips:
- Use the native encryption of the phone and communications. If there is encryption, even if the attacker intercepts our message, he will not be able to interpret it because he does not have the key to read it. Encrypting the phone and using messaging applications that include encryption is the first step to protect our communications.
- Disable wireless communication media that are not going to be used. Disabling Bluetooth, NFC, Wifi etc. while not in use will cut off potential avenues of attack. Public wifi networks, for example, are a breeding ground for intruders, so it is recommended to avoid them as much as possible.
- Connect via VPN. A virtual private network (VPN) makes it possible to connect to private networks (such as the company's internal network) using public networks but with greater security. This makes it possible to access the private network servers as if we were connected locally, with the difference that this can be done from any point with an Internet connection.
The operating system is the basis of the security of our mobile device. It is like a castle: it can have high and resistant walls, but if a spy sneaks in or someone digs a tunnel underneath, the security of the castle will be threatened. It is the user's responsibility to be well aware of the risks he/she is running to avoid problems resulting from his/her actions.
- Keep software up to date. When developers detect vulnerabilities in their applications or operating systems, they try to patch them as soon as possible. Keeping software up to date is essential since it will not be possible to apply countermeasures to an attack if there are unpatched security flaws.
- Use only trusted software. Use only the applications necessary for work. The more applications we have installed, the more likely it is that an attacker can take advantage of their security flaws to enter our system. Try to use applications verified by the publisher and that are updated frequently.
- Limit administrator permissions. If the user cannot perform certain actions without the supervision of the company's security manager, it is less likely that he will install insecure software. This system is less efficient but certainly more secure if we want to avoid intrusions.
Since there are applications for everything, the ideal is to make a selection and use only the essential ones. Each extra application on the mobile is a potential access point for intruders, since each one must have its own security regardless of the operating system. Both Android and iOS have their own app stores, which, although not 100% secure, do offer a certain guarantee, as the apps are mostly reviewed by their technicians and the community. In the event that Google or Apple detect that an application has malicious code, they will remove it from the market.
- Avoid installing applications directly. Unless there is no other option, install all applications from the official store of the operating system. It's not completely reliable because even Google and Apple get malicious apps, but malware is more likely to sneak in from a directly installed app than if it goes through a store like Google Play or Apple's App Store.
- Use only communication apps with encryption. Encryption is essential when sending emails or accessing a chat. This will protect our information from improper external access. Make sure that your application has end-to-end encryption to avoid unpleasant surprises.
- Do not install unverified applications. There are many 'cheat' applications that only serve to steal data from users. Before downloading and installing a new application, check that it is verified by the publisher.
- Limit permissions to apps. Many applications need access to files, the camera, microphone and other parts of the phone to function properly. It is advisable to be clear whether such functionality is legitimate or may pose a security problem. When you have doubts, it is better not to accept the access and check if that application meets security standards.
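One way to carry out the permission review described in the last tip, as an added example that is not part of the original article: the script lists the sensitive permissions an Android app requests that the reviewer did not expect for its stated function. It assumes a manifest already decoded to text XML; the sample manifest, the package name, the sensitive-permission table and the expected set are constructed for illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = f"{{{ANDROID_NS}}}name"

# Real Android permission names mapped to the resource they expose.
# Illustrative selection, not an exhaustive list.
SENSITIVE = {
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.READ_EXTERNAL_STORAGE": "files",
    "android.permission.WRITE_EXTERNAL_STORAGE": "files",
    "android.permission.READ_SMS": "SMS",
    "android.permission.READ_CONTACTS": "contacts",
    "android.permission.ACCESS_FINE_LOCATION": "location",
}

# Constructed sample: a flashlight app that asks for far more than a torch needs.
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.flashlight">
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <uses-permission-sdk-23 android:name="android.permission.READ_CONTACTS"/>
  <application android:label="Flashlight"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared in the manifest."""
    root = ET.fromstring(manifest_xml)
    found = set()
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for node in root.iter(tag):
            name = node.get(NAME_ATTR)
            if name:
                found.add(name)
    return found


def review(manifest_xml, expected):
    """Sensitive permissions requested but not expected for the app's function."""
    requested = requested_permissions(manifest_xml)
    return sorted((p, SENSITIVE[p]) for p in requested
                  if p in SENSITIVE and p not in expected)


if __name__ == "__main__":
    # The reviewer accepts camera access because the torch uses the camera flash.
    for perm, resource in review(SAMPLE_MANIFEST, {"android.permission.CAMERA"}):
        print(f"unexpected access to {resource}: {perm}")
```
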
On desktop computers, it is usually the company's IT department that is responsible for security updates, installing programs and having the necessary permissions to make changes to the computer. This healthy habit does not apply in the same way to mobile devices, so it is the user himself who must be especially careful about what he does.
- Protect access through a password. This is the first and most obvious step toward a minimum level of security on the device. Use a different one whenever possible and make sure it is complex enough so that it cannot be easily deduced.
- Do not enter unsecured pages. Do not accept invalid certificates or access pages without the secure HTTPS protocol. Many Internet-borne cyberattacks arrive through this type of page.
- Configure automatic locking. It is important that the device locks automatically after a period of time to avoid leaving our data exposed.
- Make backup copies. In case of loss, theft or failure of the device, it is convenient to have a backup of the data in order to be able to restore the device.
- Do not open unknown files. Avoid opening or executing files whose origin is unknown.
- Activate the remote control. In case of loss or theft, it is important to have remote device detection and locking software, such as Prey. The possibility of someone accessing the data on our mobile is much greater when it is in their possession, so acting quickly in such situations is extremely important.
Rely on industry experts
Efficiency means that each member of the team can perform their work in the best possible way, using the minimum of resources and time and obtaining the expected results. To achieve this efficiency it is best to have cybersecurity specialists who can provide customized solutions, knowing all the characteristics of the company and its needs in terms of computer security. Relying on experts is important since new problems arise every day, so prevention, monitoring and containment actions must be very precise.