FEATURE : MOBILE SECURITY
WE INHERENTLY TRUST THESE DEVICES , WHICH MAKES US VULNERABLE TO SOCIAL ENGINEERING
ATTACKS .
• Mobile applications are a security gap : Nearly 20 % of mobile banking customers had a trojanised app on their device when trying to sign into their personal mobile banking account .
• Lookout found that 21 % of iOS devices and 32 % of Android devices were exposed to more than 390 iOS and 1,060 Android vulnerabilities because they were running iOS 13 or earlier and Android 10 or earlier . A delay in users updating their mobile devices creates a window of opportunity for a threat actor to gain access to an organisation ’ s infrastructure and steal data .
The Lookout report also highlights how cyberattackers are deliberately targeting phones , tablets and Chromebooks to increase their odds of finding a vulnerable entry point . A single successful phishing or mobile ransomware attack can give attackers access to proprietary market research , client financials , investment strategies and cash or other liquid assets . These attacks can take the form of mobile phishing , apps containing malware , exploits of app or device vulnerabilities and using risky networks outside of the traditional office perimeter . risky applications among the industry ’ s employees and customers . Between 2019 and 2020 , Lookout data shows that financial services and insurance organisations experienced the following :
• Exposure to significant risks despite MDM : Despite a 50 % increase in MDM adoption , average quarterly exposure to phishing rose by 125 % and malware and app risk exposure increased by over 400 %.
• Credential stealing phishing attacks are still a major problem : Almost 50 % of phishing attempts tried to steal corporate login credentials .
“ These findings demonstrate that regardless of whether a device is managed or unmanaged , attackers have equal success in deploying phishing campaigns ,” said Gert-Jan Schenk , Chief Revenue Officer , Lookout . “ In addition , phishing can be particularly difficult to detect on a mobile device . We inherently trust these devices , which makes us vulnerable to social engineering attacks . Protecting modern endpoints requires a different approach – one that is built from the ground up for mobile and can continuously secure an organisation ’ s data from endpoint to the cloud .
The report ’ s findings are sourced from the Lookout Security Graph , which contains behavioural analysis of telemetry data from nearly 200 million mobile devices , 140 million apps and analyses more than 4 million new URLs every day . The data analysed for this report is specific to financial services and insurance organisations . p
www . intelligentcio . com INTELLIGENTCIO EUROPE 45