For some time now, cybercriminals have identified and exploited mobile devices as supposedly easy entry points for their planned attacks. Recently, Perseus has also had to increasingly warn its customers about such attacks. An overview.

Verizon’s Mobile Security Index

The telecommunications company Verizon regularly publishes the “Mobile Security Index”. As the name suggests, the report focuses exclusively on threats to mobile devices. It explains which protective measures companies use to protect themselves from possible attacks. And finally, it also explained how often these measures unfortunately fail and lead to mobile devices being compromised.

The threat is rising

Threats to mobile devices, such as smartphones, tablets and laptops, are rising sharply. Two-fifths of respondents said they believe mobile devices are the biggest IT security threat to the organization. Of the rest, 85 percent said that mobile devices are at least as vulnerable as other IT systems.

This is why mobile devices are vulnerable

Although the number of mobile breaches has not increased this year, the scale is still alarming. More than one in five companies surveyed had experienced a security incident related to a mobile device in the previous 12 months.

The reason for this is that mobile devices are used universally. One cannot say that the frequency of use has increased, but rather the extent of use. Users are used to completing all tasks with mobile devices – especially smartphones. Mobile devices have evolved from a practical companion to an indispensable business tool.

Advancing digitization and new, technological innovations are making the work of IT experts more difficult. According to Verizon, the pressure on IT from the company is growing. More than 75 percent of IT service providers have been asked by management to sacrifice the security of mobile devices in order to meet set deadlines or other business goals.

In addition, cybercriminals are working more and more professionally. The attacks are becoming more extensive, more complicated and more complex. Cybercriminals are increasingly able to develop targeted phishing attacks and attack their victims, for example. Often, these attacks are more successful on mobile devices. Malicious e-mails or fake websites are detected less quickly on a small screen than on other devices.

The influence of Covid-19

The influence of Covid-19 should also not be underestimated. Companies sent their employees to work from home overnight. Working within one’s own four walls was rather the exception before the pandemic. Now it is the new norm and will continue to be so in the future. However, according to the Verizon report, a quarter of respondents said their organization has neglected mobile device security to enable efficient working from home. At the same time, so-called shadow IT can emerge in the company. This is when employees use programs or private devices in connection with company data. This entails some risks, as the company’s own IT or the responsible IT expert has no influence on the use or deployment of the programs and devices and cannot understand whether the workforce adheres to regulations and defined processes.

You can find more information about shadow IT here.

In addition, Covid-19 has been exploited by cybercriminals to create more and more phishing campaigns.  The constantly changing regulations, laws and regulations provided enough fodder for hackers to create tailor-made phishing attacks very quickly.

Current examples

Perseus has also noticed an increase in cyberattacks on mobile devices. In recent weeks, the Perseus team has sent a number of hazard warnings to its customers to point out current threats to mobile devices.

1. On May 4, Apple and Android asked their users to install important security updates as various security vulnerabilities were discovered. In the case of Android, the affected element was Google’s Android operating system, an open-source platform for mobile devices. If successfully exploited, a remote, anonymous attacker could execute arbitrary program code with administrator privileges, elevate privileges, disclose information, and bypass security measures, i.e., gain almost complete control over the breached device. The vulnerabilities on Apple devices were already actively exploited when the incident was announced. The attacked vulnerabilities were located in the Webkit engine, which is used to display websites in web browsers.
2. On April 9, Perseus warned its customers about a malicious SMS campaign. Cybercriminals pretended to be parcel deliverers and sent their victims deceptively real messages with a fake link for a supposed parcel delivery. The perpetrators are apparently instrumentalizing the current Corona pandemic, in which orders are increasingly being placed online and in which many people are expecting packages. The aim was to tap personal data of consumers or install malware.
3. And just last week, Perseus reported on the malware “TeaBot”, which tries to spy on bank data on Android devices. Read the current hazard warning  here.