5 Biggest Mobile Security Threats In 2019
By Steven Lerner
It’s a prevalent issue that keeps mobility leaders up at night. What are the biggest mobile security threats in 2019 — and will your enterprise be equipped to prevent these attacks? Hackers are becoming more sophisticated, especially with mobile devices. In 2019, here are some of the growing mobile security threats in the enterprise.
1. Fake Public Wi-Fi Networks
One of the sneakiest ways that hackers take advantage of the vulnerabilities of mobile devices is through fake wireless networks. Although Wi-Fi itself is fine, especially if it a secure private network, users will mistakenly connect to public Wi-Fi without considering the risk. Sometimes, a public Wi-Fi network might seem reputable, but really it was set up for the intent of luring users into the network. Even when users are aware about the dangers of these unsecure networks, 80% still connect to them.
This practice is especially troubling given the recent trend of employees accessing corporate apps on personal devices. To prevent this from disrupting an organization, there should be a robust mobile policy that restricts employees from accessing enterprise data through public Wi-Fi.
2. Malware-Ridden Apps
There are many classifications of mobile malware threats, and ways that hackers trick users into getting infected. In 2019, certain mobile applications represent one of the most likely vehicles of malware. Often at times, workers will download applications that are perceived to be from reputable companies. However, the apps are actually fake applications disguised as legitimate, and the apps contain malware. Users likely don’t understand this, but still download them, input their private information, and are infected with malware. There have been thousands of cases of malicious applications online, and some of them have received millions of downloads. One recent report found that attacks from so-called rogue mobile apps have increased by 300%. Enterprises should prevent employees from downloading apps from unreliable sources.
3. Data Leakage
Mobile devices are susceptible for data leakage, and hackers are trying to capitalize on it. The tricky part about data leakage is that there could be multiple causes for it. Sometimes, enterprise mobile apps can be leaky. There are also personal apps that inadvertently transmit personal or corporate data to a remote server. Employee negligence (or event a disgruntled employee) is sometimes at fault, with workers emailing sensitive data to a recipient outside of the organization, or transferring enterprise data to a public cloud instead of a private cloud.
Data leakage is one of the biggest mobile security threats in 2019, and enterprises must be equipped with the right tools to prevent it. Some solutions enable organizations to stop the processes in apps that lead to data leakage. Other organizations restrict permission for apps or certain files in order to limit data leakage.
Hackers have relied on phishing scams to steal both personal and enterprise data. A common example involves fraudulent emails where users mistakenly disclose details, which leads to the theft of sensitive information. On mobile devices, phishing scams are taking the form of SMS or text messages that trick users into revealing details, such as passwords. Known as SMiShing, this involves users receiving a message that urges them to call a phone number. When the user calls, data on the phone is easily extracted. Both the user and the organization may not even be aware of the breach, especially if there is no security software that is used on the mobile device.
The best defense from SMiShing is to educate users not to take calls from unknown text messages, especially if the phone number seems suspicious.
As one of the fastest growing mobile security threats in 2019, cryptojacking, is so new that there’s a good chance that some mobility leaders might not be aware of it. Cryptojacking involves hackers leveraging someone else’s device to mine for cryptocurrency. Meanwhile, the user lacks the knowledge of this happening. Mining the users’ device for cryptocurrency impacts the technology, and it could diminish the device’s battery life and overall performance. It could also result in devices being overheated and physically damaged. Since many employees depend on their devices for work, this is very troubling. Cryptojacking started with malicious mining apps, although these apps have now been banned from stores. However, mobile websites could still be lurking with them. There isn’t a robust solution for cryptojacking, so enterprises should educate employees about avoiding suspicious websites and apps.