New Research: Mobile Malware Hits Every Business

Every business has experienced at least one mobile cyberattack in the past year, according to a new study published today by Check Point mobile threat researchers. The report, entitled Mobile Cyberattacks Impact Every Business, is the first study to document the volume and impact of mobile attacks across corporate and public enterprise environments.

The landmark study analyzes actual threat telemetry from corporate-issued and personally-owned bring-your-own devices. Data from the research demonstrates that enterprise mobility is under constant attack, affecting all regions and industries, on both Android and iOS platforms. These threats to mobile users are often sophisticated and ultimately capable of compromising any device, enabling unauthorized access to sensitive personal and corporate data.

Key findings of the mobile security report include:

  • Every company is under some form of mobile attack
  • The most affected industries are financial services and government
  • The most mobile attacks occur on businesses in the Americas
  • iOS devices are not immune to breaches, but the majority of attacks are on Android devices

The data in Mobile Cyberattacks Impact Every Business was collected from deployments of Check Point SandBlast Mobile in 850 organizations from July 2016 to July 2017. In the study’s sample, technology companies represented the largest percentage (32%) of secured devices, followed by financial services (21%), such as banks, brokerages, and insurance firms. Manufacturers composed 15% of the sample, with telecommunication companies (12%), retailers (7%), and government agencies (5%) rounding out the analysis.

Financial services (29%) and government (26%) experienced the most mobile malware attacks, far beyond their proportional representation in the analyzed sample. Both industries offer valuable caches for attackers, such as large repositories of financial and personal information. Technology firms were also heavily impacted by malware.

The research also yielded striking results about malware targeting iOS devices. iOS is generally considered the more secure platform when compared with Android. As a result, many regulated industries standardize on Apple devices for more reliable security. While some organizations require employees to use iOS devices for better security, the Check Point research indicates that iPhones and iPads are not immune to mobile malware attacks by any means. Of all iOS malware targeting the study’s sample, financial services was the overwhelming leader, accounting for 40% of all attacks. Government (20%) devices were also heavily targeted, followed by technology companies (9%) and manufacturers (9%).

The Americas was the most impacted region by mobile in the study’s sample. Countries in the Asia Pacific region accounted for a third of all mobile attacks, despite a smaller representation in the sample. This can be explained by several mass malware campaigns origninating in Southeast Asia during the past year, including HummingBad and CopyCat. However, the bottom line is that businesses in all regions are heavily impacted by mobile malware, making it difficult to ignore this troubling trend.

The study also examines the kinds of mobile malware hitting businesses across key industries; namely, premium dialers, info stealers, rough ad networks, and mRATS (mobile remote access Trojans).

Download the report today, and don’t miss the webinar on Dec. 7, in which the new research will be discussed and interpreted for what it means to your business.

Register to attend the webinar at a time convenient for your region.

Americas: December 7, 10 a.m. Pacific Time | Register now

Europe and Asia: December 7, 10 a.m. CEST | Register now

We hope to see you at the webinar.


Related Stories: