Companies around the world live dangerously, skidding through inadequate visibility and security in their mobile attack deck. While many organizations have adopted some level of management via mobile devices connected to their systems, it differs from mobile security and leaves them unprepared for a growing threat. Attacks on mobile phones and tablets continue to increase, and chances are good that they can be devastating I want youThe attack on the level is close in sight.
The WannaCry Ransomware attack left the world unaware in 2017, infecting hundreds of thousands of computers in 150 countries around the world. And it would have been worse if a British security research group had not discovered a kill switch preventing it from spreading within hours of the attack. But its impact was significant nonetheless, as it disrupted systems, caused many car manufacturers to stop production, and even forced some hospitals in the UK to turn away patients. Damage was estimated at billions of dollars.
By taking into account the lessons learned from this attack, companies can now work to avoid “mobile WannaCry” before it happens, rather than dealing with damage after the fact. It is possible to launch an attack using a mobile phone of this scale, and its impact could be much worse due to the ubiquity and usefulness of mobile phones, combined with the fact that almost everyone’s devices are at risk. As the US House Intelligence Committee heard recently, roving Spyware even infected phones
From American diplomats around the world.
Devices hold the keys to the kingdom – they are everywhere
In the five years since WannaCry came into existence, mobile devices have become more important targets than laptops or desktops. Smartphones are with us every minute of the day and are loaded with personal and organizational data. They have passwords, email accounts, credit cards, payment data, and biometric data often used in multi-factor authentication (MFA) for logical and physical access. They also have microphones, cameras, and location data that can increase the risk if the device is compromised.
But as much as we rely on them, organizations have not adequately addressed the mobile attack surface these devices represent. In addition to changing the security mindset to include the mobile space, there are unique challenges that apply to mobile endpoints. Bringing Your Own Device (BYOD) is one of the biggest challenges of facing an enterprise mobile attack, given the privacy needs and requirements of personally owned devices. Due to privacy concerns, standard products such as Mobile Device Management (MDM) are typically used only for company-managed devices and are often inadequate in detecting, reporting, and securing mobile devices against modern threats.
Mobile devices can provide attackers with virtual keys to the kingdom if they are hacked and used to bypass the multi-revenue method. Email access is a prominent offensive tool, but a mobile device can also provide access to accounting, finance, and CRM tools such as Salesforce, Microsoft Office 365, or Google Workspace. And with these tools now available on personal devices, beyond the scope and visibility of security infrastructure, companies are putting their data and services at risk in the name of technology benefits like BYOD.
Mobile ransomware may have a double effect
The dangers of ransomware mainly exist on two fronts.
- Mobile devices as a delivery mechanism for ransomware:
Hacking a device, which can be achieved with or without the knowledge of the owner, could allow a ransomware email to be sent that appears to come from a co-worker or a trusted source. Mobile devices can be used to spread traditional ransomware in ways that are difficult to detect and stop.
- Actual mobile ransomware: Early versions of mobile ransomware were somewhat bogus ransomware, using overlays to take advantage of accessibility features. But Apple and Google effectively closed these loopholes, pushing attackers toward actual ransomware on mobile devices.
An attack on a mobile phone can not only lock down the data and systems of the enterprise, but also block the user, threatening to wipe his bank account, for example, if a ransom is not paid. An attacker who took ownership of this device could leave his microphone and camera behind at all times to disrupt company meetings.
The bottom line is that mobile ransomware attacks can do everything WannaCry did, plus a lot more.
It’s time to focus on security
A future large-scale and impactful ransomware attack against a mobile phone is inevitable. Every year, we see mobile malware becoming more sophisticated, introducing new features and capabilities to affect the victim. These advanced malware technologies are only clues to the concepts of future attacks, paving the way for greater risks for mobile endpoints. It is only a matter of time before malicious actors introduce sophisticated ransomware on mobile devices with a huge impact on users and organizations.
Companies have not placed a high enough priority on mobile security as devices have become indispensable in our personal and business lives. Mobile devices are ready for an attack of WannaCry proportions, but whether that takes the form of ransomware or something else, it’s time to focus on mobile security now, before it’s too late.