From IoT to Cryptojacking: Understanding new mobile device threats

In 2018, the world is a more connected place than ever before. As dependence on mobile devices continues to grow, so too does the cyber risk, says Moshe Elias, director of product marketing at Allot.

Checking a bank balance, sending a work email, sharing photos – these seemingly innocent actions are anticipated by malicious hackers who are looking for any opportunity to get their hands on private information.

A recent telecoms security report examined anonymous data gathered from four communication service providers (CSPs) across Europe. In the report, it was revealed that over a four-month period (November 2017 – February 2018), nearly two billion mobile security threats were blocked. That’s an average of two threats per mobile device per day.

With the amount of threats sure to increase, it’s imperative that both the users and service providers are protected. Security services delivered at the network level are best able to provide protection for several reasons.

Among them, there are many IoT devices, like webcams, on which a security client cannot be uploaded, many end-users do not want to take on the burden of securing their devices and lastly, with a network-based solution service provides can quickly update all of their users at once via centralised updating.

Cryptocurrency makes mobile an easy target

Now more than ever, consumers are choosing to use their mobile devices to conduct activities that are highly attractive to hackers. From streaming music and videos to online shopping – these activities are ripe for hackers.

The popularity of cryptocurrency makes it a desirable target for hackers who are looking to gain profit. Using sophisticated malware developed at a speedy rate, hackers can access consumer smartphones and crypto wallets, helping themselves to thousands of pounds worth of cryptocurrencies. Both Google and Apple recently removed infected applications from their respective app stores after suspect applications collected thousands of pounds worth of cryptocurrencies.

Stop attacks before they start

To help protect their end users, service providers should (and many are) providing security as a service (SECaaS). This includes delivering automated security tools (that don’t require the end user to take any action) and providing centralised, automatic updates to their anti-virus and other tools.

Moshe Elias

Doing this ensures that the service provider is offering end-to-end protection for both the end users and the organisation. Additionally, network-based anti-malware protection that is activated on mobile devices while connected to the internet can deter hackers and their malware.

 Figure out key hacker targets

 Twenty years ago, the possibility of carrying the internet around in the palm of your hand was unthinkable. With the advent of smartphones, the mobile landscape has changed and has swiftly moved mobile phones from being luxury items to items of absolute necessity. With this shift also comes a change in the focus of hackers.

They target mass-produced consumer mobile devices used in homes and businesses and try to find their way through safeguards and into users’ personal data. What’s particularly alarming is the rate at which they’ve been successful in infiltrating everyday smart objects.

Nearly half of consumers are accessing the internet via mobile device rather than a traditional computer. A reported 46 % of consumers opted to conduct transactions on a mobile platform to save time in 2017 – and hackers have definitely noticed.

After gaining control of a vulnerable mobile device, hackers can jump to the home network or home security system. From there, they can launch attacks that paralyse all activities run on the mobile devices connected to the network, rendering them useless.

An estimated six billion consumer IoT devices are connected worldwide and 2.6 billion smartphone subscriptions are connected globally. As these number are expected to grow, so too will the hackers’ intention to breach them. By preparing for the future now, CSPs will be able to protect themselves and their end users.

If CSPs can actively deliver and distribute security services to the mass market at the network level, it will only benefit the organisation as well as the end users. By following the adage, “an ounce of prevention is worth a pound of cure,” CSPs can enhance the end users’ quality of experience as well as their mobile device security.

The author of this blog is Moshe Elias, director of product marketing, Allot

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

 

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

Infineon and Rainforest Connection create real-time monitoring system to detect wildfires

Posted on: October 22, 2021

Munich and San Jose, California, 21 October, 2021 – Infineon Technologies AG a provider of semiconductors for mobility, energy efficiency and the IoT, announced a collaboration with Rainforest Connection (RFCx), a non-profit organisation that uses acoustic technology, Big Data and Artificial Intelligence / Machine Learning to save the rainforests and monitor biodiversity.

Read more

Infineon simplifies secure IoT device-to-cloud authentication with CIRRENT Cloud ID service

Posted on: October 21, 2021

Munich, Germany. 21 October 2021 – Infineon Technologies AG launched CIRRENT Cloud ID, a service that automates cloud certificate provisioning and IoT device-to-cloud authentication. The easy-to-use service extends the chain of trust and makes tasks easier and more secure from chip-to-cloud, while lowering companies’ total cost of ownership. Cloud ID is ideal for cloud-connected product companies

Read more