Trends in Cybersecurity: The threat from mobile devices

The issue of cybersecurity has become more prevalent in recent years. Hackers are finding new ways to adapt to the ever-changing technology market, and with every step forward in the innovation of technology, cybercrime takes a leap. What were the predicted trends for 2017, and have they come into fruition during the first few months of the year?

This article is part of a four-part piece which will be posted in subsequent weeks.

Part one – Trends in Cybersecurity: Popularity of Ransomware

Part two – Trends in Cybersecurity: IoT – Unsecured Hacker Targets

Part three – Trends in Cybersecurity: The threat from mobile devices

Part four – Trends in Cybersecurity: Security Skills Shortage

Trends in Cybersecurity: The threat from mobile devices

This statistic is an exciting development and a clear sign of how the digital space is evolving; but for the cyber security world it is also problematic. The mobile device has demonstrated the potential to absorb and encompass a range of different technologies – the photo and video camera, the radio, the desktop computer, the bank card, the telephone directory, calculator and alarm clock (plus many more) are already wrapped up in shiny plastic and metal packaging, and this is only the beginning. With every new advancement, the threat of exploitation by cyber criminals increases. The attacks are becoming more sophisticated, as discussed in our previous article ‘Trends in Cybersecurity: IoT – Unsecured Hacker Targets’.

At the start of 2017, the threat from mobile devices was highlighted as a key area for concern by cyber security professionals, and it was predicted that these devices would continue to be vulnerable throughout 2017. The bigger implication of this is that these devices can allow for exploitation of corporate technology infrastructures. It was suggested that by the end of 2017, cyber security companies would begin to produce protection to allow business’ to fight back and protect themselves – but how have things developed during the first few months of the year?

A key statistic indicates that roughly 4% of all mobile devices are infected with malware at some time. At the start of 2017, Denise Giusto Bilić, writer for welivesecurity, advised that she expected the variants of malicious code to increase throughout the year “During 2015, new variants of malicious code created for Android averaged 200 a month; during 2016, this number rose to 300 new monthly variants (in iOS the number is 2 per month). We would not be surprised to see this increase continue over the next year, averaging 400 new mobile malware variants per month for Android by the end of 2017”. The impact of this is that even more devices will become infected as cybercriminals development more intelligent ways to compromise these devices.

The wider issue is what impact this has in the corporate environment. Many employees will connect to a corporate network using their mobile device. As noted by Stan Black, CSO at Citrix; “Employees expect to be able to access their information from anywhere, and work from anywhere; allowing that access can make data more vulnerable”. As a consequence, more than 70% of IT leaders admit they are at risk from an inability to control employees’ apps and devices, according to a Citrix/Ponemon Institute survey released in January.

Employees are guilty of ignoring corporate protocol and downloading malware-riddled mobile apps from unauthorised sources onto their devices. Even when downloading from reputable sources there are risks – cybercriminals have created malicious development environments designed to hide malware in apps that appear, on the surface, to be safe. As mobile phones are used outside of the range of a corporate network and are fully controlled by employees, they are difficult to protect – this is a real challenge for cyber security professionals (and companies) in 2017.

As some predicted, alongside the increase in exploitations of this type, the market has reacted exponentially. According to Gartner, mobile threat defence companies have begun to manufacture applications that can be installed on mobile phones to scan for dangerous apps or suspicious WiFi networks whilst employees are away from the office. The next anticipated issue relates to the payment of these solutions. IT departments are seldom given extra resource or funding for mobile device protection. It’s been predicted that during the remainder of the year, it is more likely that funding will become commonplace as the threat becomes more prevalent.

It will be interesting to see how companies react during the remainder of the year and whether the inclusion of mobile device management and protection is integrated into the IT procedure for global enterprises before it’s too late.

Are you looking for a new role within cybersecurity? Click here to see our current global vacancies!