Malware has gone mobile – here’s how to protect your business
With more companies embracing remote work and flexible schedules, the number of people using a mobile device for work—whether personal or employer-provided—is higher than ever. The BYOD (“bring your own device”) approach is increasingly common in settings from corporate offices to mom-and-pop retailers. But with mobile malware and malicious apps on the rise, employees might be bringing more than just their smartphones into their work environments. Learn about the different software and apps to watch out for, how they infect mobile devices, and how to protect your business.
Mobile malware and malicious apps: the basics
Mobile malware is exactly what it sounds like: software that targets the operating system of a smartphone or tablet for nefarious purposes. Different kinds of malware and apps perform different functions, but they all pose a security threat for businesses. Common types include:
- Advertising click fraud – hijacks a device to generate fraudulent ad clicks and income;
- Bank trojan – steals password and login details from apps used to conduct financial transactions;
- Cryptomining malware – generates cryptocurrency on a victim’s device;
- Ransomware – locks a user out of their device and demands a ransom payment (often via an untraceable digital currency);
- Remote access tool (or “RAT”) – provides access to a device’s apps, browser and call history, SMS data, and more;
- Stalkerware – uses keylogging, call or video recording, social media monitoring, or other software to spy on the user’s digital behavior and/or track their physical location.
It’s important to note that unlike the other malware and malicious apps, stalkerware is readily available for purchase in mainstream app stores and may be promoted as a monitoring tool to help parents manage their children’s devices. However, as the name implies, individuals in abusive relationships can use these apps to spy on intimate partners without their knowledge or consent. And if a device that an employee uses for work is being monitored via stalkerware, then so is any private data and confidential information the employee accesses on that device.
Phishing, spoofing, and jailbreaks
Attackers typically distribute malicious apps and malware via phishing, spoofing, or jailbroken hardware. In a phishing attack, cybercriminals fool targets into providing their login credentials in response to an email or by clicking a malicious link. Spoofing is used in conjunction with phishing: the target receives a message or link that appears to be from a person or entity they know and trust but is actually a fraudulent “spoof” of a real sender’s identity.
You may be familiar with email phishing, but it’s becoming more prevalent on SMS and text messaging apps. According to CrowdStrike, more than half of organizations have already experienced mobile phishing attacks. Considering that people are significantly more likely to click a malicious link on a phone than on a desktop computer, SMS phishing (a.k.a. “smishing”) presents a growing threat to businesses where employees use mobile devices.
“Jailbreaking” a mobile device can make it more vulnerable to malware and malicious apps. People typically jailbreak their phones (bypassing internal protections to fully control the operating system) to make customizations or download third-party apps restricted by default settings. However, jailbreaking a device increases the risk of a cyberattack, which in turn increases the risk of a breach for companies whose employees use these devices for work.
Four ways to protect your business
The first step in guarding your organization against mobile threats is to ensure clear visibility around the most common distribution methods. The sooner you’re able to detect the presence of jailbroken devices and phishing attempts on your network, the more prepared you will be to deflect cybercriminals’ attempts at distributing malicious software. Next, check your employee policies and consider adding restrictions to prevent your people from using devices on your network that they have jailbroken or modified. Then, make sure you can recognize how malicious apps and software behave. What red flags should you look for? Any software designed to extract credentials, introduce malicious code pieces into normal system processes, or hijack or manipulate the operating system DLLs should sound an alarm. Finally, install anti-malware and endpoint security solutions – these can be vital tools for protecting your network against these threats.
For more information on protecting your business, visit key.com/cybersecurity.