Smartphones as a smart gateway for hackers

Blog Cybersecurity
Pic Source: Maxim Ilyahov via Unsplash

For some time now, cybercriminals have identified and exploited mobile devices as supposedly easy entry points for their planned attacks. Recently, Perseus has also had to increasingly warn its customers of such attacks. An overview.

The Mobile Security Index from Verizon

The telecommunications group Verizon regularly publishes its “Mobile Security Index”. As the name suggests, the report focuses exclusively on threats to mobile devices. It explains which protective measures companies use to protect themselves against possible attacks. It also explains how often these measures unfortunately fail and lead to mobile devices being compromised.

The threat is on the rise

Threats to mobile devices, such as smartphones, tablets and laptops, are rising sharply. Two-fifths of respondents said they believe mobile devices pose the greatest IT security threat to the enterprise. Of the remainder, 85 percent said mobile devices are at least as vulnerable as other IT systems.

This is why mobile devices are at risk of attack

Although the number of mobile compromises has not increased this year, the extent is still alarming. More than one in five organizations surveyed had experienced a mobile device compromise in the previous 12 months.

The reason for this is that mobile devices are used universally. One cannot speak of the frequency of use having increased, but rather the scope of use. Users are accustomed to doing all tasks with the mobile devices – and here especially with the smartphone. Mobile devices have evolved from practical companions to indispensable business tools.

The ongoing digitization and new, technological innovations are making the work of IT experts more difficult. According to Verizon, there is growing pressure on IT from the business. More than 75 percent of IT service providers have been asked by management to sacrifice mobile device security in order to meet set deadlines or even other business goals.

In addition, cybercriminals are becoming more and more professional. Attacks are becoming more extensive, more complicated and more complex. For example, cybercriminals can develop targeted phishing attacks and target their victims ever more quickly. Often, these attacks are more successful on mobile devices. On a small screen, malicious emails or even fake websites are detected less quickly than on other devices.

The impact of Covid-19

The impact of Covid-19 should not be underestimated either, as companies sent their employees into the home office overnight. Working from home was the exception before the pandemic. Now it’s the new norm and will continue to be. However, according to the Verizon report, a quarter of respondents said their organization has neglected mobile device security to enable efficient working from home. At the same time, so-called “shadow IT” can develop within the company. This is when employees use programs or private devices in connection with company data. This poses a number of risks, as the company’s own IT or the responsible IT expert has no control over the use or deployment of the programs and devices, nor can they track whether the workforce is complying with regulations and defined processes.

In addition to that, Covid-19 was exploited by the cybercriminals to launch more and more new phishing campaigns. The ever-changing rules, laws, and regulations provided enough material for hackers to create customized phishing attacks very quickly.

Recent examples

Perseus has also noticed an increase in cyber attacks on mobile devices. In the last few weeks, the Perseus team has sent out a number of threat alerts to its customers to draw their attention to current threats to mobile devices.

  1. On May 4, Apple, as well as Android, asked its users to install important security updates, as various security vulnerabilities were discovered. In Android’s case, the affected element was Google’s Android operating system, an open-source platform for mobile devices. If successfully exploited, a remote, anonymous attacker could execute arbitrary program code with administrative privileges, elevate privileges, disclose information, and bypass security measures, i.e., gain almost complete control over the compromised device. The vulnerabilities on Apple devices were already being actively exploited when the incident was announced. The attacked vulnerabilities were in the Webkit engine, which is used to render web pages in web browsers.
  2. On April 9, Perseus warned its customers about a malicious SMS campaign. Cybercriminals posed as parcel delivery people and sent their victims deceptively real messages with a fake link for a supposed parcel delivery. The attackers apparently instrumentalized the current Corona pandemic, in which people are increasingly ordering online and many people are expecting parcels. The aim was to tap consumers’ personal data or install malware.
  3. And just last week, Perseus reported on the “TeaBot” malware, which attempts to spy on banking data on Android devices. Read the full article on this threat warning here.