Over the past few months, we worked closely with Verizon to provide key insights on the mobile threat landscape for their Mobile Security Index (MSI) 2020 report. Today, Verizon released the report and revealed that malware and man-in-the-middle (MitM) attacks are top threats vectors. This is based on aggregated usage data from devices with threat detection activated across our installed base of MobileIron Threat Defense, gathered over the course of 2019.
Malware remains a favorite tool of hackers
Our data revealed that 4.5% of Android devices had known malware. While that might not sound like much, one device can compromise an entire organization. And hackers are leveraging increasingly creative and sophisticated techniques to break through organizations’ defenses. For example, they are finding new ways to trick users into installing malware, such as disguising it in cloud-based applications. Hackers will likely continue to target mobile devices and applications with malware, as just one successful attack can be highly destructive.
Device threats, from lost devices to OS vulnerabilities, are a fact of life for most organizations
According to our data, 31% of devices harbored known threats – that’s almost unchanged since 2018. And one of the most dangerous mobile device threats is a MitM attack, which occurs when an attacker intercepts a mobile device’s network traffic, enabling them to read and capture credentials, emails, calendars, contacts and other sensitive data as a preliminary step in a more advanced attack. A MitM attack is often done through a rogue Wi-Fi hot spot or access point. According to our data, 7% of protected devices detected a MitM attack in the past year.
Organizations need to implement a mobile-centric zero trust approach
This research demonstrates how vulnerable mobile apps and devices are to attacks. For example, if not properly secured, an app can weaponize a device against an enterprise. And an unmanaged device can leak sensitive corporate data if its network connection is hit with a MitM attack. At the same time, mobile app, device and network threats are evolving and reaching new levels of sophistication. Organizations urgently need to protect mobile devices, and all the data and resources they connect to, without disrupting user productivity.
A mobile-centric zero trust approach can protect company data wherever it travels, and help users comply with company security policies and local regulations. MobileIron’s UEM platform with MobileIron Threat Defense (MTD) enables organizations to detect and remediate mobile threats, including app, device and network attacks, even when the device is offline. MTD offers continuous protection against mobile device threats, including malware, MitM attacks and unencrypted networks, that exploit user behavior and security gaps.
For more information, please click here to have a MobileIron representative reach out to you, or click here to begin a free 30-day trial. To download a complimentary copy of the Verizon Mobile Security Index results, please visit here.