Security best practices are constantly evolving to tackle the latest threats. Mobile devices such as smartphones and tablets are becoming the most commonly used general computing devices across the world. This growth has resulted in previously unimaginable levels of access to information. As mobile devices become more prominent in our daily lives, the opportunity to collect, alter, and exploit information about our personal and professional lives becomes an increasingly desirable target for cyber criminals.
Here is an outline of areas of growing concern for mobile security, as well as new opportunities for strengthening mobile security.
The emerging mobile security threats are:
- Use of mobile devices as Wi-Fi enabled Trojan horses
- Exploitation of mobile devices through insecure Internet of Things (IoT) connections
- The rise of mobile ransomware
- A false sense of security on iOS devices
The emerging mobile security opportunities are:
- Application shielding
- Context-aware security
- Proactive security measures
This blog series will describe each of these threats and opportunities in detail, with information about the implications to our personal and professional lives as mobile device users.
You’ve Already Been Hacked
Andreessen Horowitz tells us “you’ve already been hacked.”[1] Cyber criminals no longer go for the quick attack: instead of focusing on causing material damage to corporate infrastructure, sophisticated attacks infiltrate a network and patiently listen. Hackers collect mountains of private data, including personally identifiable information, health records, bank account information, and credit card details. A slew of high-profile security compromises across the retail, healthcare, and financial sectors left 2014 known as “The Year of the Hack.”[2]
Most of these high-profile attacks were initiated through social engineering tactics: company employees were tricked into installing malicious software or otherwise unknowingly giving system access to attackers. Once attackers make it past the initial gate, they can leverage known common vulnerabilities — such as the plain-text transmission of sensitive data across the intranet — in IT infrastructure to gain access to even more information. The majority of Americans now carry a smartphone everywhere they go, giving attackers hundreds of millions of new devices to target for such compromises. Metova has extensive experience in identifying new security vulnerabilities in all major smartphone platforms. This experience shapes our predictions for the near-future mobile security landscape, both in terms of identifying mobile security threats and methods of mitigating mobile security risks. Check back next week when we go into more detail on emerging security threats.
[1] Security | Andreessen Horowitz: http://a16z.com/2015/01/22/security/
[2] Year of the hack? A billion records compromised in 2014: http://www.cnbc.com/id/102420088
