Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Mobile

10/6/2015
04:35 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Survey Shows Surprisingly High Number Of Breaches Via Mobile

IDG/Lookout study shows another take on the mobile threat, while Verizon says breaches it's seen so far this year still aren't due to mobile devices.

In a surprising twist, nearly three-fourths of organizations in a new study say they experienced a data breach via mobile -- either malware-rigged mobile apps, vulnerable apps, or unsecured WiFi connections.

The new data comes from an IDG study commissioned by mobile security firm Lookout, which says the numbers came as a shock to them as well. "The most surprising results to us were that 74% said they had already experienced a data breach as a result of mobile" issue, says Aaron Cockerill, vice president of products at Lookout. "A lot of breaches globally are frequently attributed to infrastructure in the corporation, LAN … There's never really been a huge data breach attributed to mobile devices."

Of the 100 executives from companies with an average of 23,000 employees and mainly from technology, financial services, and manufacturing industries, 82% say most of their corporate data is accessible via users' mobile devices.

Some 38% say their companies suffered data breaches via vulnerable mobile apps; 36% via malware-rigged mobile apps; 30% via unsecured WiFi; 30% via rooted and jailbroken devices; 28% via apps that send or access sensitive data; and 15% from apps downloaded from non-official app stores.

To date there has been little evidence of mobile serving as a primary attack vector for breaches, with the exception of some nation-state attacks. While mobile vulnerabilities and malware are abundant and emerging regularly, most attackers still stick with the tried-and-true desktop attack.

Verizon, meanwhile, says it's still not seeing an uptick in mobile as an attack vector in data breaches. "We continue not to see mobile assets within the event chains of the incidents that are in our current data set, which represents a slice of actual 2015 incidents," says Marc Spitler, managing principal and co-author of the Data Breach Investigations Report, Verizon Enterprise Solutions. "Keep in mind that Verizon’s data breach investigations series focuses on how often these issues occur in the real world. Our real-world data does not support the 74 percent affirmative responses in this survey."

[BYOD may be a big fat security and management headache for the business world and mobile malware is on the rise, but the reality is that so far, hackers aren't employing mobile malware for cybercrime or cyber spying purposes. Read Verizon DBIR: Mobile Devices Not A Factor In Real World Attacks.]

That doesn't mean you should ignore mobile security or assume it won't become a problem, he says. Spitler says while mobile is not a major culprit for cyberattacks thus far, it's best to prepare for that to change. Organizations "should build processes and policies and controls now, before the threat rate increases," he says.

Lookout's Cockerill says the new data may be jolting, but it's "not a sign the sky is falling." However, he maintains that Verizon and other reports may not provide a full picture of the highly targeted attacks Lookout sees. "We believe what we're seeing and what we know from last year, is a dramatic increase of sophisticated local attacks … targeted at gathering important information," he says.

Meanwhile, Windows PCs make up about 80% of all mobile network infections. The overall infection rate for mobile devices jumped from 0.50% to 0.75% in late June mainly due to Windows PCs that are tethered to mobile WiFi devices, hotspots, and smartphones getting hit with a spike in malicious adware, according to Alcatel-Lucent's Motive Security Labs.

Aside from Verizon's discounting mobile as an attack vector in data breaches in its Data Breach Investigations Report this year, security firm Damballa Research recently summed up the reality of mobile threats this way: users are 1.3 times more likely to get struck by lightning than to be infected with malware, according to Damballa's data.

Lookout's Cockerill dismisses the argument that the bad guys target desktops over mobile devices because they're easier to infect. "I'm not convinced that it's necessarily harder to [attack via] mobile," he says. Many users are primarily working off their mobile devices today, anyway, he says.

"The reason you've not seen widespread" mobile attacks, he says, is attackers are following the valuable corporate data. "Data is only just starting to … move onto those mobile devices."

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
HackerOne Drops Mobile Voting App Vendor Voatz
Dark Reading Staff 3/30/2020
Limited-Time Free Offers to Secure the Enterprise Amid COVID-19
Curtis Franklin Jr., Senior Editor at Dark Reading,  3/31/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11529
PUBLISHED: 2020-04-04
Common/Grav.php in Grav before 1.6.23 has an Open Redirect.
CVE-2020-11527
PUBLISHED: 2020-04-04
In Zoho ManageEngine OpManager before 12.4.181, an unauthenticated remote attacker can send a specially crafted URI to read arbitrary files.
CVE-2020-11528
PUBLISHED: 2020-04-04
bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file.
CVE-2020-11518
PUBLISHED: 2020-04-04
Zoho ManageEngine ADSelfService Plus before 5815 allows unauthenticated remote code execution.
CVE-2020-5347
PUBLISHED: 2020-04-04
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.