As the remote workforce expands exponentially, many workers are doing critical day-to-day work on their mobile phones. This creates a new weak point that can be exploited for cyberattack. Here are some of the biggest threats your business may face.

by Brent Whitfield
April 21, 2021

Currently, 44 per cent of employees are working from home with only vague notions about returning to a physical workplace. The global mobile workforce is expected to reach 1.88 billion by 2023, and account for nearly 43.3% of the total workforce worldwide. What does this portend for workplace digital security?

A highly mobile workforce means increasing usage of mobile devices for business purposes. This means a much higher degree of threat to endpoint security, as mobile devices simply don't have the security that endpoints on a company network do. This is supported by data from Gartner, which predicts that by 2021, business data traffic outside the ambit of company security and flowing directly to the cloud from mobile devices will jump from 10 per cent to 27 percent. This means a higher degree of threat to corporate data that can easily be compromised as it passes through or stored on mobile devices.

While the rise of remote work and anywhere operations is not likely to stem, it falls to the chief information security officers and the core IT teams to know the threats facing this highly mobile workforce, so they can prepare for it in advance.

Here are 6 mobile security threats to consider:

Malware and Phishing Attacks

The pandemic period has seen a meteoric rise in cyber threats, including phishing and malware attacks that have grown highly sophisticated. Combining both social engineering and social scraping tactics, phishing attacks have become highly subtle and precise.

Moreover, malicious attackers are experts at emotionally manipulating users, and often use empathy baits such as spoofed emails and links to large philanthropic organizations asking for financial assistance in difficult times. They also use cloned sites of highly popular payment getaways, e-commerce sites, and more to lure users into a false sense of familiarity and security. At other times, these attacks could take the form of a pressing email from your boss or coworker sharing an important business document or a meeting link, or requesting a financial transaction. It’s becoming increasingly hard to spot or not respond to phishing lures for the common user.

SMishing attacks are also increasingly common these days, wherein hackers use SMS (short message services) to deploy device attacks or force users to reveal personal information. The attack may come in the form of a text message that asks the user to call an unknown number, click on a link to a website to enter personal information, or install mobile malware.

Malicious Code

Malicious code is computer code or web script that is designed to harm the target’s system by creating weaknesses that can lead to back doors, security breaches, data theft, and much more. Examples of malicious code can include attack scripts, viruses, worms, and backdoors.

Malicious code can pose as legitimate software, system update patches, or mobile apps. But the impact of malicious code on a single system can reverberate through the entire company network. Malicious codes also form a core component of stealth attacks, wherein the codes piggyback on pieces of legitimate software. The attack codes can impact and disable the user’s computing environment (and extended network, if connected) in various ways, such as, compromising sensitive data, reformatting hard drives, hijacking the entire system or, enabling access to unauthorized users.

Fake Login Screens

For many employees, the very nature of remote work and the tools they need to use to do their work are very new. These users are particularly vulnerable to compromised workflows and baits such as fake login screens. Hackers have improved their skills to the point where it takes a trained eye to spot a fake login screen from the legitimate one, and users often end up falling for it and filling up their details. Hackers can then use those credentials to impersonate remote workers or compromise corporate data and systems.

Cryptojacking

Cryptojacking refers to attacking user systems with the intent of using its processing power (CPU or graphics processor) to mine cryptocurrencies. These attacks can drain the resources of the compromised device and cause unpredictable downtime and business disruption for legitimate users. Hackers, on the other hand, can use the mined cryptocurrencies for purchases or even exchange them for government-backed currency. Patch updates and strong password policies are recommended to protect endpoints against such illegitimate usage.

Device Attacks

Every endpoint, from traditional desktops and laptops to mobile devices, is prone to attacks by hackers. These can include common browser or ad-based attacks, or denial of service or buffer overflow exploitations. Browser-based attacks are generally designed to install malware on target devices, or steal data/hijack access to the device. Buffer overflow exploitations can overwrite application memory to either target vulnerabilities within the application or change the way the application behaves.

Communication Interception

Communication interception signifies any form of tracking, interception, or recording of mobile communications. Mobile devices are prone to Wi-Fi hacking and MIM (man-in-the-middle) attacks. Through vulnerabilities in Wi-Fi and cellular protocols, hackers can intercept and decrypt data transmissions from any user’s device to compromise personal or corporate data. As remote workers sometimes leverage public Wi-Fi without knowing its vulnerabilities, hackers can use that window of opportunity to gain a foothold in your company’s network.

Adequate security measures for your remote workforce can prove to have very high financial and reputation damage to your company. Moreover, governments globally are implementing strict fines for failure to protect customer data, and could slap you with fines in case of non-compliance.

Brent Whitfield is the CEO of DCG Technical Solutions LLC. DCG provides specialist advice and managed IT support Los Angeles area businesses need to remain competitive and productive while being sensitive to limited IT budgets.
Brent has been featured in Fast Company, CNBC, Network Computing, Reuters, and Yahoo Business. He also leads SMBTN – Los Angeles, a MSP peer group that focuses on continuing education for MSP’s and IT professionals. DCG was recognized among the Top 10 Fastest Growing MSPs in North America by MSP mentor. Stay connected on LinkedIn



 

Tag(s): supportworld, business continuity, cloud computing, internet of things, knowledge management, security management

Related:

More from Brent Whitfield :


Comments: