Mobile Devices…the Biggest Threat to Security
This Friday is October 1st, and the month of October is Cybersecurity Awareness Month! Historically, our biggest cyber threat has been our computer workstations that we use for work and for personal use. But as mobile devices become used more and more for both business and personal use, it’s the mobile device where the biggest threat to security is emerging.
Cybersecurity Awareness Month
Cybersecurity Awareness Month was launched by the National Cyber Security Alliance (NCSA) and the U.S. Department of Homeland Security (DHS) in October 2004 as a broad effort to help all Americans stay safer and more secure online. The NCSA creates and implements broad-reaching education and awareness efforts to empower users at home, work and school with the information they need to keep themselves, their organizations, their systems and their sensitive information safe and secure online and encourage a culture of cybersecurity. And Cybersecurity Awareness Month is a part of that!
Mobile Device Use Continues to Rise
According to this “Mobile vs Desktop Usage” study by Perficient (sourcing Google Analytics), 68.1% of website visits globally in 2020 came from mobile devices—an increase from 63.3% in 2019. Desktop website visits only accounted for 29%. So, it’s the mobile device, not desktop and laptop workstations, that comprise most of the internet traffic – by far.
The famous criminal Willie Sutton was once asked why he robbed banks and his answer was simple: “Because that’s where the money is”. Cyber criminals direct their attention where the traffic is and, more and more, that is through mobile devices. And here’s the scary part – your mobile device may already be compromised, and you don’t even realize it.
Five Threats to Your Mobile Device
There are several threats to your mobile device that are opportunities for cyber criminals. Here are five that you need to be aware of:
Use of Unsecured or Malicious Apps: Mobile hackers have discovered that 85 percent of mobile apps have little to no protection, which allows the criminals to continuously harvest data, connections, resources, and infrastructure from mobile consumers and mobile businesses by targeting these unprotected mobile apps.
Access to Unsecured Public Wi-Fi: You probably know about the dangers of unsecured public Wi-Fi when using your laptop in public. But you may not think about it when it comes to your mobile device. They are also vulnerable and cyber criminals often set up Wi-Fi networks that look legitimate but used to capture data through their system. Using unsecured Wi-Fi networks is NOT recommended, so stick to your cell connection for internet access if a secured network isn’t available.
Failure to Update the Operating System: As the cyber attacks mount, Apple and Google have had to release new versions of operating systems containing patches to address security threats for iPhone and Android devices (including this one from Apple earlier this month that doesn’t even require the use to click on anything to activate it!). It’s important to apply operating system updates when they’re released to close the loop on identified threats.
Phishing/Smishing Attacks: You’re probably aware of phishing attacks where a cyber attacker sends an email that appears to be legitimate, but with a link that directs to a site to capture credential information. “Smishing” attacks are the same thing, but via text instead of email. Smishing attacks are on the rise, but both types of attacks happen through mobile devices as we use them more for reviewing emails.
Lost and Stolen Devices: Think you can’t do anything about protecting the data on your device if it’s lost or stolen? Think again. Android and iPhones both support a “lost mode” that enables the user to find, lock or even erase the device remotely. You just need to set it up in advance to protect the information on the device. Once it’s lost or stolen, it’s too late!
Cybersecurity Awareness Month is all about awareness of the ever-evolving dangers of cyber attacks and taking steps to protect yourself or your organization from those attacks. With the mobile device becoming the predominant device used for online activity, it’s just as important to take steps to protect your mobile devices as it is to protect your personal or business workstations.
It’s also important to understand whether your mobile device has already been compromised as a recent report by IBM found that the average time to detect and contain a data breach is 280 days! Many of you may be walking around with compromised mobile devices and not even realize it. How’s that for awareness?
For more information about Forensic Discovery’s Computer Forensics services, click here.