The usage of mobile devices has been growing on an annual basis. However, with the Covid-19 pandemic, mobile devices became essential tools for employees while working remotely. They are being used for Zoom team calls and also to access SaaS applications and sensitive company files. Hence it is no surprise when Analysys Mason states that “mobile device security will be the fastest-growing cyber security category in 2021.” Let’s look at the five big cybersecurity threats facing mobile platforms in 2021.
1) Using unsecured public WiFi
Public WiFi networks are usually less secure than private WiFi. This is because you do not know whether it is encrypted, who set the network up, or who is currently monitoring or accessing it. Any public WiFi networks used by your employees to access your server may prove risky for your organization. For example, cybercriminals may set up a WiFi network that looks genuine but is actually used to capture data that is routed through it. To protect your business from such dangers of using public WiFi networks is to mandate that your employees use a VPN for Android to access your company systems or files.
2) Social engineering attacks
A social engineering attack is when a cybercriminal sends text messages (smishing attacks) or fake emails (phishing attacks) to trick individuals into downloading malware into their mobile devices or giving away private information such as passwords. A report by Verizon shows that phishing attacks were the leading cause of global data breaches in 2020. In such a scenario, you should hold awareness sessions to teach your employees how to recognize SMS messages and phishing emails. It would help if you also tried to reduce the number of employees who have access to sensitive data or systems since that will reduce the number of access points for cybercriminals.
With the usage of IoT devices growing in the last few years, smart homes have become a reality. However, most of the latest mobile IoT devices have IP addresses. This means that cybercriminals can use your employee’s mobile devices to access your business’s network if those devices are connected to your company’s systems. In such a scenario, your IT department should ensure that appropriate policy regulations are in place to ensure that your company’s systems are secure from external breaches.
Spyware is commonly installed on mobile devices when users click on malicious advertisements or with the help of scams that lead users into downloading the spyware unintentionally. The spyware, after being installed, may be used to collect data from the users. Furthermore, if the mobile device is connected to your company’s systems, your private data may be at risk. You should ensure that your employees regularly update their device operating systems and mobile apps, which helps ensure that they are protected against spyware.
5) Breaking bad password habits
According to a 2020 report by Balbix, 99% of the surveyed people used the same passwords between their work and personal accounts or even in different work accounts. What’s more concerning is that the passwords used were not strong either. Such bad password habits are a threat to companies whose employees access company systems using their mobile devices. This type of behavior also provides opportunities for cybercriminals to use password spraying and credential stuffing to access the employees’ credentials. With the help of these stolen credentials, cybercriminals can access sensitive information and data through mobile apps.
Photo Credit: pexels.com