It is becoming impossible to ignore the new pandemic of cyber-crime…
A recent Dimensional Research survey was conducted to assess 410 security leaders. In recognition of this growing threat to the digital world, the survey found that mobile devices are “one of the weakest links in the IT infrastructure of most enterprises”.
Worryingly, mobile devices are what most of us have our eyes glued to all of the time.
Here are some of their findings:
Just as a starting point, nearly all (97%) of the security professionals who took the survey are aware that cyber-attacks through mobile devices are on the rise. In our eyes it should ideally be 100% – security companies should be aware of new threats at all times.
20% of companies have already been victims of a cyber-attack through their mobile devices. This number may not seem that large, but this is only the group of companies who were aware of the attacks. Some 24% don’t even know if they have ever been a victim of a cyber-attack. Very concerning…
64% of security professionals don’t think their organisation has the security software set up to stop a cyber-attack on their mobile devices.
Around a third of the participating companies know that their mobile security is not enough and they risk an attack that would see their data compromised.
More participants think that desktop computers or laptops are at a greater risk of a cyber-attack than a mobile device. While a computer or laptop may seem like it holds more information than a mobile device, if it is linked to the same server, the risk of compromising access can be the same. The only difference is that mobile devices tend to have less security. It may be worth companies looking into security programmes for mobile devices now.
Looking at the type of cyber-attacks, the creators of the research survey expected one or two top methods, but results indicate that cyber-criminals have used a broad range of attack methods; none striding ahead as the most successful.
Here are the rankings of methods:
- Malware 58%
- Phishing 50%
- Network attacks 50%
- Intercepted calls and text messages over a mobile carrier’s network 43%
- Key logging and credential theft 42%
Participants did not show a great deal of confidence in their companies’ security. Through various statistics, there seemed to be a lot of uncertainty over security, and doubts that companies were doing enough. A damning 94% of security professionals said they would expect a cyber-attack targeting their mobile devices in the next 12 months. That is a whopping number to come from the security industry.
Participants were not confident that their companies were doing enough to protect their devices. Over half said that their company hadn’t utilised a mobile security solution to protect their devices.
Of course, security doesn’t come free. It costs time and money. 53% said that their companies could not afford good enough security solutions. In our eyes, if you value your data and want to protect it, security is essential. Whilst some companies are comfortable taking the risk of compromising their data, if they are entrusted with their customers’ information, that risk is not worth it. It is essentially illegal.
A more welcoming statistic is that 62% said that compared to two years ago, there has been an increase in devoting resources towards cyber-security for mobile devices.
Authors of the Dimensional Research report offered insights in to the results, mainly concluding that the results proved a “lack of visibility and inadequately secured devices”. Whilst most of the security professionals recognised the dangers and risks of security breaches of their mobile devices, companies have not taken great action to prevent these breaches from happening. If anything, the participants are expecting attacks to happen.
As we saw with the mass cyber-attack on the 12th May, criminals can target vulnerable devices. Without adequate security, viruses will be able to recognise their weak points and attack without mercy.
These security professionals are the very people relied on to protect their companies, but due to a lack of transparency, funding and resources, 64% of them are not confident they can prevent a cyber-attack. Experts fully understand the magnitude of risk and harm involved in a cyber-attack yet prevented from stopping imminent attacks due to their company’s lack of resources.