Last year, mobile device cyber-attacks rose by 50% in just the first half of the year* and it’s not just Android devices that are coming under attack, evidence suggests that attacks on iPhones are hitting a new high with over 1.5 million campaigns targeting iOS and Mac devices.
Effective mobile security is always having to evolve, because of the speed in which hackers are finding new ways to attack. Smartphones are a target because the security of these often isn't taken seriously, with network and computer security usually prioritised. This leaves mobile devices as the easiest route into an organisation.
Research indicates that 47% of SMEs admit they have no understanding of how to protect their companies against cyber-attacks, despite the fact that 67% agree or strongly agree that mobile solutions are changing the way they work as we move towards digital transformation and the reduction of paperwork. Smartphones and tablets are increasingly used for mobile banking, at point of sale, and many employees also use personal mobile devices for company use.
This increasing threat means that there is an urgent need for organisations to address their vulnerability by taking a more proactive approach with cyber-security strategies for personal devices. These should include physical security such as firewalls, encryption, antivirus software and automatic updates, internal controls and procedures, such as a robust ‘Bring Your Own Device’ (BYOD) policy, supported by internal awareness and education through training.
Below are two examples of common threats when it comes to mobile device cyber-attacks, the issues that they can cause for a business and the solutions available to counteract the damage.
Issue: Free Wi-Fi networks are usually unsecured and a prime target for hackers. Network spoofing is where they create fake 'trap' networks, often in public locations, with names such as "Free airport Wi-Fi" enticing people to connect.
Impact: These networks allow hackers to easily compromise connected devices, see exactly what you are doing and access data including confidential emails, banking and VoIP conversations.
Fake networks often ask users to create an account, complete with a password, and because many users use the same credentials for multiple services, hackers are then easily able to compromise users’ email, e-commerce and other secure information.
Solution: Avoid unsecured Wi-Fi and never use it to access confidential services, such as banking or credit card information. Always create unique passwords when registering for new access points and do not provide any sensitive personal information.
Issue: Spyware is a form of malware and is designed to be loaded on the target’s device without their consent or knowledge.
Impact: Spyware gathers information, such as passwords and financial information about a person or organisation. With an ability to avoid detection, Spyware can often do this without their knowledge and for a sustained period of time.
Solution: A comprehensive antivirus and malware detection suite should use specialised scanning techniques for this type of program.
To find out your organisations level of cyber risk, complete this quick cyber risk assessment:
To discuss protection from the impact of cybercrime please call our specialist team on 0330 678 1221.
Towergate Insurance are partners with Care England, NCF, Homecare Association and a number of regional associations and are actively engaging with insurers and our clients to obtain cyber protection for businesses of all sizes, to protect against the very real and growing threats of the digital age. We can offer cyber insurance for care businesses to help protect you should the worst happen.
Towergate Insurance is a trading name of Advisory Insurance Brokers Limited. Registered in England with company number 4043759. Registered Address: 2 Minster Court, Mincing Lane, London EC3R 7PD. Authorised and regulated by the Financial Conduct Authority.
Carolyn Baker-Mellor is a respected industry leader with over 35 years' experience within the care insurance sector. She works across a wide spectrum of insurance product and policy development, delivery and optimisation for care industry clients, including managing global corporate accounts, working closely with trade associations, and helping clients in protecting their businesses and personal assets.
Date: October 26, 2020