Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:35 PM
Connect Directly

Survey Shows Surprisingly High Number Of Breaches Via Mobile

IDG/Lookout study shows another take on the mobile threat, while Verizon says breaches it's seen so far this year still aren't due to mobile devices.

In a surprising twist, nearly three-fourths of organizations in a new study say they experienced a data breach via mobile -- either malware-rigged mobile apps, vulnerable apps, or unsecured WiFi connections.

The new data comes from an IDG study commissioned by mobile security firm Lookout, which says the numbers came as a shock to them as well. "The most surprising results to us were that 74% said they had already experienced a data breach as a result of mobile" issue, says Aaron Cockerill, vice president of products at Lookout. "A lot of breaches globally are frequently attributed to infrastructure in the corporation, LAN … There's never really been a huge data breach attributed to mobile devices."

Of the 100 executives from companies with an average of 23,000 employees and mainly from technology, financial services, and manufacturing industries, 82% say most of their corporate data is accessible via users' mobile devices.

Some 38% say their companies suffered data breaches via vulnerable mobile apps; 36% via malware-rigged mobile apps; 30% via unsecured WiFi; 30% via rooted and jailbroken devices; 28% via apps that send or access sensitive data; and 15% from apps downloaded from non-official app stores.

To date there has been little evidence of mobile serving as a primary attack vector for breaches, with the exception of some nation-state attacks. While mobile vulnerabilities and malware are abundant and emerging regularly, most attackers still stick with the tried-and-true desktop attack.

Verizon, meanwhile, says it's still not seeing an uptick in mobile as an attack vector in data breaches. "We continue not to see mobile assets within the event chains of the incidents that are in our current data set, which represents a slice of actual 2015 incidents," says Marc Spitler, managing principal and co-author of the Data Breach Investigations Report, Verizon Enterprise Solutions. "Keep in mind that Verizon’s data breach investigations series focuses on how often these issues occur in the real world. Our real-world data does not support the 74 percent affirmative responses in this survey."

[BYOD may be a big fat security and management headache for the business world and mobile malware is on the rise, but the reality is that so far, hackers aren't employing mobile malware for cybercrime or cyber spying purposes. Read Verizon DBIR: Mobile Devices Not A Factor In Real World Attacks.]

That doesn't mean you should ignore mobile security or assume it won't become a problem, he says. Spitler says while mobile is not a major culprit for cyberattacks thus far, it's best to prepare for that to change. Organizations "should build processes and policies and controls now, before the threat rate increases," he says.

Lookout's Cockerill says the new data may be jolting, but it's "not a sign the sky is falling." However, he maintains that Verizon and other reports may not provide a full picture of the highly targeted attacks Lookout sees. "We believe what we're seeing and what we know from last year, is a dramatic increase of sophisticated local attacks … targeted at gathering important information," he says.

Meanwhile, Windows PCs make up about 80% of all mobile network infections. The overall infection rate for mobile devices jumped from 0.50% to 0.75% in late June mainly due to Windows PCs that are tethered to mobile WiFi devices, hotspots, and smartphones getting hit with a spike in malicious adware, according to Alcatel-Lucent's Motive Security Labs.

Aside from Verizon's discounting mobile as an attack vector in data breaches in its Data Breach Investigations Report this year, security firm Damballa Research recently summed up the reality of mobile threats this way: users are 1.3 times more likely to get struck by lightning than to be infected with malware, according to Damballa's data.

Lookout's Cockerill dismisses the argument that the bad guys target desktops over mobile devices because they're easier to infect. "I'm not convinced that it's necessarily harder to [attack via] mobile," he says. Many users are primarily working off their mobile devices today, anyway, he says.

"The reason you've not seen widespread" mobile attacks, he says, is attackers are following the valuable corporate data. "Data is only just starting to … move onto those mobile devices."

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Oldest First  |  Newest First  |  Threaded View
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 there is a CSV Injection vulnerability possible by using shop search keywords via the admin panel. The problem is fixed in
PUBLISHED: 2021-02-26
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in
PUBLISHED: 2021-02-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, requests to user provided domains were not restricted to external IP addresses when calculating the key va...
PUBLISHED: 2021-02-26
Synapse is a Matrix reference homeserver written in python (pypi package matrix-synapse). Matrix is an ecosystem for open federated Instant Messaging and VoIP. In Synapse before version 1.25.0, a malicious homeserver could redirect requests to their .well-known file to a large file. This can lead to...
PUBLISHED: 2021-02-26
All versions of package github.com/thecodingmachine/gotenberg are vulnerable to Server-side Request Forgery (SSRF) via the /convert/html endpoint when the src attribute of an HTML element refers to an internal system file, such as <iframe src='file:///etc/passwd'>.