The dark side of mobility
Users of mobile devices with Internet connection are faced with attacks that could compromise their personal data and cost them dearly
Mobile devices are advancing at a staggering speed towards converting themselves into the digital tools par excellence. We are not talking about simple phones with Internet connection: a tablet or a smartphone can be used to read and edit work documents, to access corporate networks or to make purchases and carry out transactions online. The mobile has become the user’s most important information and resource centre.
With almost half of Spaniards using smartphones, the migration towards mobility is an irreversible phenomenon that is expanding the borders of usability and offers new opportunities to users. But it is necessary to remember that an expanding market is also attractive to cybercriminals. According to the latest Mobile Threat Report by the company Juniper Networks, between 2010 and 2011, malware aimed at mobile devices grew by 155%, reaching all-time highs.
Faced with this phenomenon, users should be conscious of the fact that the mobile has become a tool as vital and important as a laptop or a PC. Much more is stored on it than a simple address book and the protection of this sensitive information has become a vital necessity.
“If we look at the world of the computer, all the threats that we have there can reach our mobile device,” explains David Noguer Bau, Service Provider Solutions Marketing Manager at Juniper for Europe, the Middle East and Africa. The specialist adds that ”these devices that people carry with them, they use to log on from a café, from work, from home, and they sometimes use them in situations that are not very secure.”
In this way, an insecure smartphone can become a threat not only to users but also, above all, to corporate networks. “It could be a friend that recommends an application to another person, they install it and the next day this phone is in the meeting room of the board of directors of a big company,” says Noguer Bau.
According to studies by Juniper, there are three fundamental aspects that define mobile threats. First, last year the quantity of attacks reached unprecedented levels. Secondly, the threats are becoming more and more intelligent, and cybercriminals have adjusted their aim to exploit the new weaknesses in all devices and platforms. Lastly, the entrance barrier is low, attacks are becoming technically more complex and have the capacity to obtain huge rewards in a relatively short period of time.
All this implies that users have to be conscious of the fact that when they use their smartphones, they are exposed to threats that put their data and their pockets at risk. Therefore, they should take precautions to protect themselves from the increasing dangers.
The main target: companies
“Attacks are directed where there is money.” This maxim maintained by Noguer Bau, and surely shared by practically all IT security specialists, helps us to understand the way that cybercriminals behave.
Currently more and more companies allow their employees to bring their own devices to the office. This trend means that workers are more productive and they feel more comfortable when given the chance to use their favourite systems. But at the same time this implies an enormous security risk to companies, whose security departments have to manage a greater number and variety of devices.
The problem lies basically in the vulnerabilities that a person can be exposed to outside the office, but which later have the possibility of entering a work network. “If you can attack an employee’s mobile when they’re at the door of the company or in the coffee shop opposite and you manage to enter it, this same mobile will be inside the company minutes later,” says Noguer Bau.
To protect companies from this type of threats, Juniper offers the ‘Junos Pulse Mobile Security Suite’ solution. This application can be used by administrators of corporate networks to establish the security parameters that will have to be respected by any mobile device that wants to log on to the network, unless it has an antivirus or firewall.
The application has versions supporting all the most popular mobile operating systems, and enables any device to connect itself securely to a corporate network. What’s more, in the case of the device being lost, for example, it offers the possibility of eliminating all the sensitive information automatically.
How can end users protect themselves?
As in all questions related to the security of digital tools, the weakest link is undoubtedly user behaviour. The majority of vulnerabilities originate in bad user practices and the lack of awareness with respect to the dangers to which Internet users are exposed to. Increasing numbers of people use mobile devices to make transactions. eBay, one on of the most important online stores in the world, recently announced that it expected an increase of 37.5% in the area of mobile phone transactions, reaching a volume of $8 billion a year.
In this context, what should users do to assure themselves that their data and above all their money is safe? In its Mobile Threat Annual Report, Juniper offers some advice in this area. Firstly, Internet users have to be more careful with the applications that they download to their devices.
If malware has appeared even in official application stores such as GooglePlay or Apple’s App Store, the main recommendation in this area is not to download from unofficial markets. The existence of false installers has been detected who promise to install a popular and well- known tool, when in fact it is malware. So, even though the software seems reliable, downloads should only be made through official stores.
As a second measure, the same policy should be applied as when protecting a PC or laptop. This means installing a firewall that enables protection from attacks and observing the use that applications make of the web. Also, protect the device by using passwords with expiry dates and periodic updates for increased security.
But, above all, don’t be intimidated. If the threats to mobile devices are on the rise and everything indicates that that this trend will continue, what is happening is a logical process. At the same time that users embrace mobile technology, attracted by its user friendliness and functionality and by the possibility of obtaining a better user experience, more cyber-criminals are looking to exploit vulnerabilities to obtain rewards. Users should be more responsible, careful and apply good user practices to enjoy to the full the enormous advantages that mobility offers them.