According to research published in 2017, every single business has experienced at least one cyberattack on its network and/or data via a mobile device. This includes BYOD and corporate mobile devices.
The study included representative organisations and business from most sectors including banks, telcos, government departments as well as retailers, manufacturing companies and tech firms. It is the first study of its kind to analyse and report on the impact of mobile attacks, globally, across both the private and public sectors and makes for some alarming, but not unsurprising, reading.
Entitled Mobile Cyberattacks Impact Every Business, findings were prepared by Check Point Software Technologies Ltd using data obtained from 850 organisations for the period July 2016 to July 2017. Information was collected using their own SandBlast Mobile software deployments and analysed by industry sector.
Secured Devices by Industry
The largest percentage of secured devices in the study were represented by technology companies at 32% followed by:
- Financial Services (21%)
- Manufacturers (15%)
- Retailers (7%)
- Government Agencies (5%)
Malware Attacks by Industry
Despite having the highest proportion of secured devices, tech companies were not immune to mobile malware attacks, nor was the financial services sector.
The full results indicate that both of these sectors, along with government agencies represented a combined percentage of almost three out of every four mobile malware attacks. All three sectors offer cybercriminals potentially very valuable data.
In order of most frequent number of attacks, this is the split by industry type:
- Financial Services (29%)
- Government Agencies (26%)
- Tech Companies (18%)
- Telcos (8%)
- Manufacturing (7%)
- Retail (6%)
- Others (6%)
Malware Attacks by Industry (iOS vs Android)
The report went on to analyse the split between platforms looking specifically at the difference between the perceived security of iOS vs Android devices. Whilst iOS was shown to perform better at securing a device against incidences of malware, they were far from immune. This is particularly worrying for regulated industries that have a policy of using iOS for the very reason that they offer better security. One such sector is the financial services industry which unsurprisingly accounted for two out of five iOS mobile malware attacks.
The full findings of iOS Malware by Industry reveal:
- 40% of iOS Malware attacks were reported in the Financial Services sector.
- 20% of iOS Malware attacks were reported in Government Agencies.
- 9% of iOS Malware attacks were reported in both the Manufacturing and Tech sector.
- 5% of iOS Malware attacks were reported in Telcos.
- 3% of iOS Malware attacks were reported in the Retail sector
- 14% of iOS Malware attacks were reported in other sectors.
Mobile Malware by Region
The split of incidences of mobile malware attacks occurs in all regions with the Americas topping out the list at 39%, this was closely followed by APAC at 33% and EMEA at 28%.
Mobile Malware: The Future
The report expanded its findings by questioning industry professionals about the future of mobile malware threats and 94% of security professionals anticipate that the incidence rate of attacks will continue to rise. Worryingly, almost two thirds (66%) doubt that there is anything they can do to prevent this trend.
Certainly, mobile usage is on the increase with these devices now being the primary access point for the majority of users. Combined with the fact that these devices are, in the main, unsecured and number in their billions, it is little wonder that cybercriminals can see the potential in mobile malware attack.
The current landscape of BYOD and unsecured corporate devices is unsustainable if security is to be preserved across all access points and more can be done to mitigate the risks of mobile malware. Whilst no defences are 100% immune, deploying mobile threat defence (MTD) solutions like Check Point’s SandBlast can help immobilise the threat to mobile security.