Verizon Mobile Security Index 2021 with Threat Insights from Check Point Software

By Dana Katz, Head of Product Marketing, Threat Prevention

Verizon recently released its fourth annual Mobile Security Index (MSI) to provide IT leaders with an essential perspective on the fast-evolving mobile threat landscape. We are proud to share that this year, Check Point has been one of the main contributors to the report, which incorporates real-world threat insights exclusively discovered by the Check Point research Group in the past year.  

In the past decade, Verizon has taken a vital role in raising awareness about cybercrime and its implications on enterprises worldwide by publishing industry-leading reports such as the Verizon Data Breach Incident Report (DBIR). The Verizon Mobile Security Index (MSI) 2021, which combines real-world threat insights with survey results from Check Point and industry peers, aims to spotlight the increasing sophistication, frequency, and impact of mobile-related cyber threats against businesses worldwide.

The move to mass remote working during the COVID-19 pandemic has made mobile devices critical to business operations. Many employees have access to much of the same valuable corporate data—via their mobile devices as Commuters who sat in the office. This means that a mobile device’s compromise can now pose just as great a risk to your customer data, intellectual property, and core systems

” We are excited to showcase in the MSI our insights which uncover new and sophisticated tactics developed by threat actors to breach organizations through employees’ smartphones.” said Itai Greenberg, VP of Product management and marketing at Check Point.” Securing the remote workforce requires IT leaders to strengthen their mobile security strategy, and an excellent way to start is by understanding the mobile threat landscape and how it may impact organizations’ security posture.”

Main insights from the Verizon Mobile Security Index 2021:

• Awareness about mobile threats is rising – 60% of respondents said they think mobile devices are the company’s biggest IT security threat. Of the rest, 85% said that mobile devices are at least as vulnerable as other IT systems
• Mobile security is often sacrificed to allow business continuity – growing threats and never-ending pressure from the organization are putting IT in a difficult position. Over 75% had come under pressure to sacrifice mobile device security to meet deadlines and other business goals. And 75% of those succumbed.
• Fewer companies were aware of successful mobile-related attacks. Still, the risk remains high – while 23% were aware that their company had experienced a mobile evoke-related security compromise (a slight decrease from previous reports), 56% of them saying that the consequences of these compromises were significant.

Some of the insights Check Point shares in the 2021 MSI include:

• Pandemic-related spike – COVID-19-related phishing and malware attacks increased from fewer than 5,000 per week in February 2020 to more than 200,000 per week by late April. As countries started to ease lockdowns in May and June, threat actors stepped up their non-COVID-19-related exploits. This resulted in a 34% increase in all types of cyberattacks globally at the end of June compared to March and April.¹⁷
• Malicious applications in the Google Play store – In mid-2020, Check Point identified a substantial increase in the number of malicious applications in the official Google Play store. This included applications infected with the Tekya clicker, BearCloud and Haken.
• MDM as an attack vector – One of the most innovative techniques we saw in 2020 was an attack where the threat actors used an international corporation’s own MDM system to distribute malware to more than 75% of its managed mobile devices. This shows that an MDM is insufficient to secure mobile devices and makes a case for effective MTD.
• Ransomware goes mobile – Check Point researchers have discovered more than 80 variants of the “Black Rose Lucy” in the wild, mainly distributed via social media and IM apps. The “Black Rose Lucy” (initially discovered in September 2018) is a Malware-as-a-Service botnet and dropper for Android devices that has reemerged in 2020 with new ransomware capabilities that allow it to take control of victims’ devices to make various changes and install new malicious applications.

Download the full Verizon Mobile Security Index 2021 to learn more.

The Check Point 2021 Mobile Security Report

We at Check Point have recently published our very own Check Point Mobile Security Report 2021, which gives a comprehensive overview of the major trends in mobile malware, device vulnerabilities, and nation-state cyber-attacks. The information is based on data collected from 1,800 organizations that use Check Point Harmony Mobile, Check Point’s mobile threat defense solution. It also draws on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cybercrime, which delivers threat data and attack trends from a global network of threat sensors; and from Check Point Research’s (CPR) investigations over the last 12 months. We invite you to download the full report here.