Verizon: Mobile attacks up double digits from 2021 – TechRepublic

Science & Technology

Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below.
We recently updated our Terms and Conditions for TechRepublic Premium. By clicking continue, you agree to these updated terms.
Invalid email/username and password combination supplied.
An email has been sent to you with instructions on how to reset your password.
By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.
You will also receive a complimentary subscription to TechRepublic’s News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.
All fields are required. Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces).
Verizon: Mobile attacks up double digits from 2021
Your email has been sent
With more people using their mobile devices for work and personal use, hackers are exploiting the vulnerabilities these activities create.
With the proliferation of mobile devices and hybrid work environments where employees often use their personal devices for work-related activities almost half (45%) of respondents of the Verizon Mobile Security Index 2022 said their organizations were subject to a security incident involving a mobile device that led to data loss, downtime or other negative outcome—a 22% increase over 2021’s numbers.
Of those respondents, 73% said the impact of the attack was “major” and 42% said that it had lasting repercussions. In 2021, less than half of incidents were described as major and just 28% were said to have had lasting repercussions, the report said.
Despite these results, 36% of respondents said that mobile devices are of less interest to cybercriminals than other IT assets—an increase of six percentage points from the 2021 MSI report.
“Mobile has historically been overlooked by information security teams, largely because these modern devices are perceived to be inherently safe and protected from legacy threats,” Michael Covington, VP of portfolio strategy at Jamf, an Apple device management company that contributed to the MSI report. “But the reality is that mobile devices are always on, always connected, and always vulnerable to risk.”
Insecure networks such as public Wi-Fi accessed without a VPN or other security considerations remains a serious threat to mobile device security, the report said. Attackers can engage in man-in-the-middle attacks by tricking users into using rogue Wi-Fi hotspots or other access points set up and controlled by the hackers. Most (52%) respondents who suffered a mobile-related security breach said that network threats were a contributing factor.
With about 40% of workers away from the office most days, more business is being conducted using over home Wi-Fi and home broadband connections. Most (85%) respondents said their organizations allow the use of home Wi-Fi and cellular networks and hotspots or have no policy against them. Sixty eight percent of organizations have no policy prohibiting the use of public Wi-Fi.
SEE: BYOD Approval Form (TechRepublic Premium)
According to the Proofpoint, 2022 State of the Phish survey cited in the 2022 MSI report, 3,500 working adults across Australia, France, Germany, Japan, Spain, the U.K. and the U.S. found that most employees or organizations did not undertake basic security measures to protect their home Wi-Fi networks.
Most (62%) respondents said they weren’t concerned about the security of their home network and close to 90% of the remaining respondents said they didn’t know how to secure their Wi-Fi connections.
“Mobile devices are now critical to how we work,” the report said. “With increased capabilities and expansive connectivity, we now have access to far more information and tools than we ever did in the days of desktops and personal digital assistants (PDAs). Partly driven by the growth in cloud-based applications, a smaller screen no longer means less powerful.”
The use of cloud-based services likewise are causing mobile securing headaches, the report said. The simplified user interfaces of mobile devices make it easier for attackers using phishing attacks to obtain employee credentials. Employees can be targeted through multiple apps such as SMS, social media platforms and third-party messaging apps.
Likewise, as the number of apps continues to grow even non-malicious apps, including those downloaded from official stores such as Google Play and Apple’s App Store, can be a threat. Nearly half (46%) of respondents who suffered a mobile-related security breach said apps were a contributing factor.
SEE: iCloud vs. OneDrive: Which is best for Mac, iPad and iPhone users? (free PDF) (TechRepublic)
Most (82%) breaches involved the human in the loop. Whether it’s hackers using stolen credentials, getting users to click on malicious links or download malware laden files using phishing, human error continues to cause incidents and breaches.
“Mobile security does not need to be another IT security headache. Organizations looking to reign in mobile risk should start with their policies and procedures,” said. “Instead of giving mobile an exemption to acceptable use policies and security requirements, businesses should treat mobile like every other endpoint.”
The Verizon Mobile Security Index 2022 findings are based on an independent survey of 632 professionals responsible for security strategy, policy and management. In addition to analysis from Verizon, the report includes insights and data from security and management companies including Absolute, Check Point, IBM, Ivanti, Jamf, Lookout, Netskope, Proofpoint and Thales.
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

Verizon: Mobile attacks up double digits from 2021
Your email has been sent
Your message has been sent
TechRepublic Premium content helps you solve your toughest IT issues and jump-start your career or next project.
TechRepublic contributing writers ranked the best tech in multiple categories, including VPNs, password managers, and headsets, as well as AI/ML companies.
Meta’s new front-end, back-end, mobile and database development courses prepare entry-level professionals for development careers in less than eight months.
With so many project management software options to choose from, it can seem daunting to find the right one for your projects or company. We’ve narrowed them down to these nine.
Learn about the new features available with iOS 16, and how to download and install the latest version of Apple’s mobile operating system.
IDEs are essential tools for software development. Here is a list of the top IDEs for programming in 2022.
IIoT software assists manufacturers and other industrial operations with configuring, managing and monitoring connected devices. A good IoT solution requires capabilities ranging from designing and delivering connected products to collecting and analyzing system data once in the field. Each IIoT use case has its own diverse set of requirements, but there are key capabilities and …
Recruiting an Operations Research Analyst with the right combination of technical expertise and experience will require a comprehensive screening process. This Hiring Kit provides an adjustable framework your business can use to find, recruit and ultimately hire the right person for the job.This hiring kit from TechRepublic Premium includes a job description, sample interview questions …
The digital transformation required by implementing the industrial Internet of Things (IIoT) is a radical change from business as usual. This quick glossary of 30 terms and concepts relating to IIoT will help you get a handle on what IIoT is and what it can do for your business.. From the glossary’s introduction: While the …
Procuring software packages for an organization is a complicated process that involves more than just technological knowledge. There are financial and support aspects to consider, proof of concepts to evaluate and vendor negotiations to handle. Navigating through the details of an RFP alone can be challenging, so use TechRepublic Premium’s Software Procurement Policy to establish …

source