Page 156 - Cyber Defense eMagazine March 2024
P. 156
business processes. By allowing employees to use their personal phones, tablets, and laptops for work,
organizations offer their employees greater flexibility, enhanced workflows, improved communications,
and more efficient and productive ways of working overall. Keeping corporate information secure on
employees’ mobile devices isn’t easy, however, and an employees ability to use personal devices for
work poses unique challenges and cybersecurity threats. If an employee's device were to become
compromised due to a lack of proper security measures, for example, confidential company information
could easily fall into the hands of bad actors looking to exploit the organization.
As we move further into 2024, cybercriminals will only continue to be on the lookout for new ways to
exploit vulnerabilities in mobile devices. In fact, according to Zimperium’s Global Mobile Threat Report
2023, 43% of all compromised devices were fully exploited (not jailbroken or rooted), an increase of 187%
year-over-year - an astonishing number. This is why it should be every IT decision-makers goal to ensure
that their devices are secured against any and all emerging threats.
Top Threats to Mobile Devices
Mobile security threats are commonly thought of as a single, all-encompassing threat. But the truth is,
there are many tactics that threat actors use to infiltrate our mobile devices. And unfortunately, these
threats tend to not only compromise personal information of employees but also disrupt an entire
company’s system and network. Here are some of the top threats that our beloved mobile devices are
susceptible to.
Data Breaches: A data breach is any security incident in which unauthorized parties gain access to
sensitive or confidential information, including personal data. Cybercriminals are hyper aware of the
significant amount of sensitive data stored on our smartphones - from credit card numbers to login
credentials for various accounts. Because of this, mobile devices have become a main target for attackers
seeking to steal this valuable data or sell it on the dark web. Data breaches on popular apps like Twitter
and WhatsApp have put millions of users at risk in recent years.
Phishing Scams: Phishing attacks remain a top cybersecurity risk for organizations, and using personal
devices for work can exacerbate this threat. Phishing is a social engineering attack where scammers try
to trick people into giving away their personal information by posing as legitimate entities such as banks
or government agencies through emails or messages. Employees may be more susceptible to phishing
attacks on their personal devices, as they may not be as vigilant about scrutinizing emails or messages
from unknown sources.
Malware Attacks: With the rise in popularity of mobile apps, malicious actors have found a new way to
target unsuspecting users. Malware such as viruses, trojans, adware, and spyware can infect your device
through seemingly harmless apps or links. Once a personal device is infected, the malware can easily
spread to the corporate network when the user connects their device to it. Malware can also spread
through the organization's cloud services, email, or file-sharing platforms.
Outdated Software: Personal devices typically have inconsistent software updates and patches, leaving
them vulnerable to cybersecurity threats. Users may neglect to update their devices or applications
regularly, as they are not managed by an IT department that enforces timely updates. Outdated software
Cyber Defense eMagazine – March 2024 Edition 156
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
