Small to mid-sized businesses (SMBs) are increasingly targeted by cybercriminals. Approximately 43 percent of cyberattacks are aimed at SMB’s, but only 14 percent are prepared to defend themselves, according to Accenture.
Unfortunately, most SMBs aren’t fully prepared to prevent, detect, or respond to cyber-attacks or intrusions. They don’t think that hackers would want to waste their time on a company their size. Hackers know that, which explains why these companies can be easy targets.
If a cyber intruder gains control of the mobile device of just one individual in a small to mid-sized company, they can leverage that compromised device to invade the company network. Intrusions like this can be crippling to an SMB, costing the company revenue, disrupting its operations, endangering its critically important data assets, and ruining customer relationships.
The move to mobile has revolutionized the way we do business, but it has also created new security risks that weren’t an issue just a few years ago. On average, mobile users spend 80 percent of their time outside of the protected corporate network, according to Zimperium1.
One risk is that far too many mobile devices are unprotected against increasingly sophisticated hacker techniques. The phones’ operating systems are highly vulnerable when security patches aren’t kept fully up to date, and individual mobile users aren’t as diligent about upgrades as their corporate IT departments.
But there are defensive moves that a small to mid-sized company can make to ensure mobile devices are protected. One of those strategies is to adopt a mobile threat detection (MTD) solution that takes advantage of artificial intelligence to outwit the hackers. We’ll address that later, but first, it is worth taking a look at why hackers are now so focused on mobile devices. Here are the five top reasons:
1. To steal credentials and passwords
Hackers know that most people use the same passwords across all their mobile devices and applications. If they get into the mobile device, it’s easy to move to the user’s laptop and then to the corporate network. Mobile devices are the entryway to a whole world of opportunity for intruders.
Approximately 90 percent of breaches start with an email phishing attack1. And since a large number of emails are read via a mobile device, it’s a target-rich environment to steal credentials and passwords. The fact that mobile users are dealing with a smaller screen, are often distracted due to multitasking, and can’t see a URL bar that might alert them to something suspicious makes them more vulnerable than they would be at the office on a laptop.
2. To obtain data
If an employee is using their mobile device for email and to access corporate data, the hacker may be able to easily seize that data. Because all email and attachments reside in one folder on a mobile device, hackers know exactly where to go to find data and download it. Say goodbye to your data, regardless whether it’s harmless or confidential or business-critical.
3. To conduct reconnaissance
When cybercriminals gain control of your device, they can also turn on your microphone or your camera, and spy on you. If it’s the CEO’s phone and he’s in the middle of negotiating a big deal, the hacker can hear every word. A lot of powerful movers and shakers live by their mobile devices, and the last thing they would want is someone knowing their every move.
And if the hacker has access to your device, he or she also has access to your contacts and your calendar, and can figure out just the right time to turn on the recording function. It won’t be during your dentist visit, it will be when you’re meeting with a client or a potential client. If that hacker has targeted you individually because of your position in your company, what they learn in their spying could be incredibly valuable to a competitor or even a foreign government.
4. To “land and expand”
That is, to go beyond control of the device to higher-value objectives. Such as the corporate network. There are many ways that a compromised phone can gain corporate access. There is the simple approach, to use the device that the hacker now controls to send texts and emails posing as the legitimate user in order to gain further information or cause disruption. Or – through control of the phone – the hacker can leverage the mobile devices’ connections to the corporate Wi-Fi network when the user goes back to the office.
One hacker took advantage of the guest network in a target company’s lobby, noting that there were a lot more people connected than were in the lobby at that time. It turns out that employees were using the guest network to get outside and access apps and sites that the corporate network was blocking. The hacker tricked one user into downloading what she thought was a game, took control of her device, and went on to set up super-admin privileges for himself that opened up the entire network to him.
5. To deliver malware
Ransomware and malware can provide direct financial gain to a hacker. That was the case with the WannaCry ransomware attack that informed recipients that their device were encrypted, and instructed the victims to send payment in Bitcoin in order to unlock their device.
The particular hackers behind WannaCry especially targeted Android devices. They got onto a Wi-Fi network, scanned all the connected Android devices, and determined which ones were susceptible to their ransomware. They infected one phone and then – when the user got back to the corporate office and logged onto the company network – they were able to lock up entire companies and demand a ransom.
Protecting your turf
If you’re going to protect your company against these types of mobile security risks, you need a mobile security threat detection and threat management system. In particular, an MTD (mobile threat detection) solution can detect, prevent, and remediate attacks.
Sprint Secure Mobile AI is one such solution, which is powered by Zimperium and its patented machine learning threat detection engine, Sprint Secure Mobile AI is an advanced on-device MTD solution that delivers protection by collecting and analyzing threat data and device behavior. When it sees any indications of possible compromise it moves to counter those mobile threats. It uses machine learning to provide comprehensive protection against attacks or intrusions. The built-in artificial intelligence can detect both known and previously unknown threats by looking for the suspicious signs of intrusion or attack.
Covering all the vulnerable points – the device, the network, and applications – an AI-based MTD solution works with leading mobile device management (MDM) solutions to protect and quickly remediate any issues discovered. It provides end-to-end cyber threat detection.
Why artificial intelligence? Because if you’re going to combat threats that have never been seen before, you need a system that observes, and learns, and can weave in data both from inside the network and devices being monitored and outside information that could be helpful in battling a mobile threat.
There may be billions of data points to be considered, across tens of millions of endpoints. Human analysis could never begin to address all that information. An AI-based machine learning system can.
For more information about how Sprint Secure Mobile AI can protect your employees’ mobile devices, watch this free webinar.
1Sprint Zimperium webinar- 5 Things to Know about Mobile Security, Aug 2019