Dive Brief:
-
Ransomware on mobile devices skyrocketed by 415% in 2017, according to Trend Micro's Mobile Threat Landscape report of nearly 500,000 mobile ransomware samples. The uptick may be a direct result of the publicly published source code of a strain of ransomware called SLocker. A version of the code imitated WannaCry's characteristics.
-
About 5.3 million Bluetooth-connected devices were compromised from varying forms of malware, including KRACK. KRACK targeted a weakness in WPA2, thus affecting "all modern protected Wi-Fi networks." As a result, 41% of Android devices were impacted. But vulnerabilities in iOS and Android devices increased by 38% from 2016, according to the report.
-
Mindless hacking is retiring as more targeted attacks took precedent in 2017, according to the report. Hacking campaigns were carried out from places including the Middle East, South Asia and Eastern Europe. The campaigns' purposes were to steal messages, contacts, images, media files and eavesdrop on activity taken on the mobile device.
Dive Insight:
Companies are already burdened to support additional devices on their existing infrastructure and this is in part due to the rise in the "consumerization of IT." Employees expect to be able to seamlessly take their work home with them thus taking company information too.
Whether it's U.S. secrets or company proprietary information, employees using mobile devices unintentionally expose their company to greater risk. As those devices are members of the IoT, their exposure to daily threats invites threats into the workplace.
For example, about half of Android devices operating on outdated software, a red flag for any IT department whose employees can access company data on their phone.
Employees are known to self-diagnose their own technological needs, which they often medicate with shadow IT. Almost half of all apps used by employees are not provided by their company's IT department therefore bypassing any security regulations already set in place.
