The move to mass remote working during the COVID-19 pandemic saw the mobile attack surface expand dramatically, resulting in 97% of organizations facing mobile threats from several attack vectors, according to the Mobile Security Report 2021 by Check Point. Additionally, with 60% of workers are forecast to be mobile by 2024.
The study warns that almost half of businesses are affected by malicious mobile applications and 46% of organizations suffered a threat to their network and data due to an employee downloading a malicious mobile application.
In addition, four out of 10 mobile terminals in the world are vulnerable, causing cybercriminals to try to intrude with different techniques – from banking Trojans to mobile remote access viruses.
Check Point’s Achilles research showed that at least 40% of the world’s mobile devices are inherently vulnerable to cyberattacks due to flaws in their chipsets, and need urgent patching.
In 2020, Check Point found a 15% increase in banking Trojan activity, where users’ mobile banking credentials are at risk of being stolen. Threat actors have been spreading mobile malware, including Mobile Remote Access Trojans (MRATs), banking trojans, and premium dialers, often hiding the malware in apps that claim to offer COVID-19 related information.
Individuals’ mobiles are a very attractive target for various APT groups. During 2020, Check Point discovered a new and highly significant attack, in which threat actors used a large international corporation’s Mobile Device Management (MDM) system to distribute malware to more than 75% of its managed mobile devices – exploiting the solution, which is intended to control how mobiles are used within the enterprise.