The COVID-19 pandemic saw the mobile attack surface expand dramatically: report
- Published: Tuesday, 20 April 2021 08:50
Check Point has published its 2021 Mobile Security Report. The report examines the latest emerging threats targeting enterprise mobile devices, and gives a comprehensive overview of the major trends in mobile malware, device vulnerabilities, and in nation-state cyber attacks. It also shows how organizations can protect themselves against today’s and tomorrow’s complex mobile threats and how these threats are likely to be evolving.
The move to mass remote working during the COVID-19 pandemic saw the mobile attack surface expand dramatically, resulting in 97 percent of organizations facing mobile threats from several attack vectors. With 60 percent of workers forecast to be mobile by 2024, mobile security needs to be a priority for all organizations says the report.
Other key findings of the report include:
- All enterprises are at risk from mobile attacks: almost every organization experienced at least one mobile malware attack in 2020. 93 percent of these attacks originated in a device network, which attempts to trick users into installing a malicious payload via infected websites or URLs, or to steal users’ credentials.
- Nearly half of organizations impacted by malicious mobile apps: 46 percent of organizations had at least one employee download a malicious mobile application that threatened their organization’s networks and data in 2020.
- Four in ten mobiles globally are vulnerable: Check Point’s Achilles research showed that at least 40 percent of the world’s mobile devices are inherently vulnerable to cyber attacks due to flaws in their chipsets, and need urgent patching.
- Mobile malware on the rise: in 2020, Check Point found a 15 percent increase in banking Trojan activity, where users’ mobile banking credentials are at risk of being stolen. Threat actors have been spreading mobile malware, including Mobile Remote Access Trojans (MRATs), banking trojans, and premium dialers, often hiding the malware in apps that claim to offer COVID-19 related information.
- APT groups target mobile devices: individuals’ mobiles are a very attractive target for various APT groups, such as Iran’s Rampant Kitten, which has conducted elaborate and sophisticated targeted attacks to spy on users and steal sensitive data.
Check Point’s 2021 Mobile Security Report is based on data that was collected from January 1st, 2020 through to December 31st, 2020, from 1,800 organizations that use Check Point Harmony Mobile. It also draws on data from Check Point’s ThreatCloud intelligence, from Check Point Research´s investigations over the last 12 months, and on recent survey reports from external organizations.