Enterprises Beware: Malware Hits Wide Range Of Targets



Dan Gunderman
11/22/2017

Mobile malware is a true thorn in the side of IT professionals. In fact, its effect worldwide makes it one of the most persistent threats in the cyber space.

A recent report from Check Point Mobile Threat Research uncovered that of 850 surveyed organizations, 51% in the EMEA (Europe, Middle East and Africa), 31% in the Americas and 19% in APAC (Asia Pacific) had experienced at least one mobile attack in the last year.

According to SC Magazine, the average per company was a whopping 54.

Seventy-five percent of the responding companies experienced at least one jailbroken iOS or rooted Android device. The per-organization average was 35.

In the iOS format, jailbreaking is the process of removing software restrictions imposed by Apple, using patches which allow for root access. This opens up the device to app installations that go beyond the Apple App Store.

For Android, rooting is a similar process that allows devices running on it to become susceptible to root access. In that case, one can skirt administrative permissions to overcome limitations imposed by the carriers or software providers. This could lead to the installation of specialized/ harmful apps.

In its breakdown, the report suggested that the financial industry (26% of attacks) and the government sector (29%) were the hardest hit. Technology firms were third (18%), and telecommunications, manufacturing and retail were within 6-8%.

See Related: U.K. ISP Chief Says Team Confronts 4K Cyber Attacks Per Day

The findings also bring up iOS malware attacks more frequently than one might expect. The financial industry absorbed 40% of iOS malware attacks.

What’s more, the severity or type of attack depended on the industry, as one might guess. The government sector drew more premium dialer attacks (which exploit SMS and call privileges).

The financial industry drew the brunt of other types of malware, too: info stealers, rough ad networks and RATs (which can seize control of a device’s sensors and monitor camera usage).

Geographically, the malware hits showed no true preference. The Americas felt 39% of the attacks, with APAC not too far behind at 33%. The EMEA experienced 28%.

The report indicated that the malware attacks will likely increase in the coming years – in proportion to the advances in technology. Further, it said, mobile devices are “easier” to get a hold of and contain exceedingly sensitive information.

For the enterprise security professional, being aware of said mobile threats is becoming an increasingly arduous but necessary task. This is true especially in spaces that use corporate devices or cater to “bring your own device” (BYOD).