Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:35 PM
Connect Directly

Survey Shows Surprisingly High Number Of Breaches Via Mobile

IDG/Lookout study shows another take on the mobile threat, while Verizon says breaches it's seen so far this year still aren't due to mobile devices.

In a surprising twist, nearly three-fourths of organizations in a new study say they experienced a data breach via mobile -- either malware-rigged mobile apps, vulnerable apps, or unsecured WiFi connections.

The new data comes from an IDG study commissioned by mobile security firm Lookout, which says the numbers came as a shock to them as well. "The most surprising results to us were that 74% said they had already experienced a data breach as a result of mobile" issue, says Aaron Cockerill, vice president of products at Lookout. "A lot of breaches globally are frequently attributed to infrastructure in the corporation, LAN … There's never really been a huge data breach attributed to mobile devices."

Of the 100 executives from companies with an average of 23,000 employees and mainly from technology, financial services, and manufacturing industries, 82% say most of their corporate data is accessible via users' mobile devices.

Some 38% say their companies suffered data breaches via vulnerable mobile apps; 36% via malware-rigged mobile apps; 30% via unsecured WiFi; 30% via rooted and jailbroken devices; 28% via apps that send or access sensitive data; and 15% from apps downloaded from non-official app stores.

To date there has been little evidence of mobile serving as a primary attack vector for breaches, with the exception of some nation-state attacks. While mobile vulnerabilities and malware are abundant and emerging regularly, most attackers still stick with the tried-and-true desktop attack.

Verizon, meanwhile, says it's still not seeing an uptick in mobile as an attack vector in data breaches. "We continue not to see mobile assets within the event chains of the incidents that are in our current data set, which represents a slice of actual 2015 incidents," says Marc Spitler, managing principal and co-author of the Data Breach Investigations Report, Verizon Enterprise Solutions. "Keep in mind that Verizon’s data breach investigations series focuses on how often these issues occur in the real world. Our real-world data does not support the 74 percent affirmative responses in this survey."

[BYOD may be a big fat security and management headache for the business world and mobile malware is on the rise, but the reality is that so far, hackers aren't employing mobile malware for cybercrime or cyber spying purposes. Read Verizon DBIR: Mobile Devices Not A Factor In Real World Attacks.]

That doesn't mean you should ignore mobile security or assume it won't become a problem, he says. Spitler says while mobile is not a major culprit for cyberattacks thus far, it's best to prepare for that to change. Organizations "should build processes and policies and controls now, before the threat rate increases," he says.

Lookout's Cockerill says the new data may be jolting, but it's "not a sign the sky is falling." However, he maintains that Verizon and other reports may not provide a full picture of the highly targeted attacks Lookout sees. "We believe what we're seeing and what we know from last year, is a dramatic increase of sophisticated local attacks … targeted at gathering important information," he says.

Meanwhile, Windows PCs make up about 80% of all mobile network infections. The overall infection rate for mobile devices jumped from 0.50% to 0.75% in late June mainly due to Windows PCs that are tethered to mobile WiFi devices, hotspots, and smartphones getting hit with a spike in malicious adware, according to Alcatel-Lucent's Motive Security Labs.

Aside from Verizon's discounting mobile as an attack vector in data breaches in its Data Breach Investigations Report this year, security firm Damballa Research recently summed up the reality of mobile threats this way: users are 1.3 times more likely to get struck by lightning than to be infected with malware, according to Damballa's data.

Lookout's Cockerill dismisses the argument that the bad guys target desktops over mobile devices because they're easier to infect. "I'm not convinced that it's necessarily harder to [attack via] mobile," he says. Many users are primarily working off their mobile devices today, anyway, he says.

"The reason you've not seen widespread" mobile attacks, he says, is attackers are following the valuable corporate data. "Data is only just starting to … move onto those mobile devices."

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/14/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Why Cybersecurity's Silence Matters to Black Lives
Tiffany Ricks, CEO, HacWare,  7/8/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful exploitation of this vulnerability may allow an attacker to obtain all user accounts credentials.
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-306) issue. Successful exploitation of this vulnerability may allow an attacker to obtain the information of the user table, including the administrator credentials in plain text. An attacker may also ...
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful exploitation of this vulnerability could allow an attacker to remotely execute arbitrary code.
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction of SQL queries. An attacker could extract user credentials, read or modify information, and remotely execute code.
PUBLISHED: 2020-07-15
Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection�) vulnerability. Successful exploitation of this vulnerability may allow an attacker to send a HTTP GET or POST request that create...