Are our smartphones the new attack vector for hackers?
This is guest blog by Cassie Phillips @SecureThoughtsC
In recent years, hackers have grown more organized and are willing to take far more time in carrying out their attacks. Hacking can earn cybercriminals millions, and it quickly leads to great reputational and monetary losses for organizations ranging from large corporations to non-profits. For individuals, hacking and cybercrime can lead to dangerous situations or identity theft.
Our smartphones have become a fair target for cybercriminals, and we can see that in the numbers. They are now the focus of cybersecurity conferences, such as Black Hat USA 2016. Smartphone acquisition and use is rising across the globe as it becomes more necessary and accessible to the average person. While larger cybercriminal collectives target their efforts on specifically infiltrating workplaces, they’ll also look at smartphones as an infiltration point. This only increases the need for focused smartphone cybersecurity.
Here’s what we need to recognize when we’re considering the security of our smartphones and our information:
Protect your phone like your computer
We have to truly come to terms with the fact that our smartphones are effectively pocket computers that also happen to make phone calls. The smartphones of today have the processing power of the desktop computers of yesterday and more. A few brave souls are foregoing computers altogether in favor of a smartphone and a generous data plan.
While you shouldn’t expect to be using only your smartphone as your computer just yet, you do need to consider how you use it. Think about how much data you keep on your smartphone and what type of accounts you have. Do you use banking apps on it? Do you send sensitive emails or communication? This info is what cybercriminals are after and malware is how they’re getting it.
Malware for smartphones is real
Most people are familiar with malware, and most online security suites worth their salt handle it without any concern on the part of the user. Yet within the past few years, there’s been a rapid increase in malware specifically targeted toward smartphones and browsers installed on them. Hackers saw an opportunity in the lack of smartphone security, and now they are capitalizing.
Malware can and will do everything from stealing information under the radar and sending it to the app creator to actually hold your phone for ransom and threaten to wipe it unless a payment is sent. Even Apple products are now vulnerable to ransomware, and malware development is only increasing in scale as the potential profits increase. It is the most widespread and easy method for hackers to attack your smartphone, and it only stands to grow worse.
We frequently find promises of free apps, game downloads or unbelievable deals on costly apps across the web. While most of these counterfeits (or malware in disguise) are easy to detect, we start to see a trend toward more sophisticated scams.
It should be noted that no matter what mobile operating system is being used, apps should only be downloaded from an approved app store. Everything else should be placed under suspicion. The likelihood is that they’re modified or coded specifically to harvest information or to keep tabs on the use of the smartphone. Few products online are created without some form of self-interest. Unfortunately, that lesson is not well known among the average smartphone user, leading to hackers taking advantage of victims hoping for an easy solution.
Networks and data plans
People seem to be aware of the dangers associated with using public networks on laptops and the potential for data interception (which quickly leads to identity theft), but what they might not be aware of is that many smartphones are apt to automatically connect to networks in order to save on mobile data usage. Unless this setting is turned off, users may be putting their data at risk to malicious network administrators and hackers on those public networks.
Some people are relying more on their data plans for their internet needs outside of the home and office. While this may prove expensive to some, more efficient and readily available data usage makes this a viable option.
Alternatively, more people are turning to the use of specialized Virtual Private Networks (VPNs) in order to keep themselves safe from hackers online and keep their information private. A VPN is a service that connects users to an offsite server and encrypts their connection, protecting them on any network. They have been adapted for smartphone use, improving their proliferation over time among the average smartphone owner.
Defense is Possible
You should be aware that protecting your smartphone is entirely within your power, with little exception. Relatively soon after threats pop up, we are able to devise and enact measures of defense. Here are some of the common methods and tools generally used on smartphones:
- To counteract hackers’ efforts in creating malware, cybersecurity firms and professionals have created specialized security suites and anti-malware apps for smartphones, many of which cost the user nothing. While they vary in quality, the best ones can be considered effective in keeping out most threats.
- Stronger verification measures have been added, such as the option for biometric readings on top of passcodes and PINs of various length. It is highly recommended to use at least a few of these options in order to keep thieves from immediately accessing your phone. This allows an owner enough time to perform a remote wipe before hackers can break into the phone.
- Practicing good network security and using tools such as a VPN is a must for those who regularly use public networks.
- Jailbreaking and rooting should be absolutely avoided with all phones. It removes internal barriers in the software of the phone that prevent malware from spreading.
- General online and regular security rules apply to smartphones. The internet remains the same, and smartphones are merely another way to access it and for hackers to access users.
These considerations are not the whole story, as it continues to unfold. As network options expand and smartphone technology improves, we may start to see the lines between general IT security and smartphone cybersecurity blend even further. The main takeaway is to stay vigilant about any potential threats and to trust your educated instincts when it comes to using your smartphone wisely.
Do you have any additional concerns or thoughts on where smartphone security will be going within the next few years? Are you especially worried about a type of attack hackers may try in the future? If so, please leave a comment below and share your thoughts.
Visit our website to learn more about Nokia security solutions.
Share your thoughts on this topic by replying below – or join the Twitter discussion with @nokianetworks or @nokia using #security #telcosecurity #smartphone