At this point, essentially everyone in the business world is well aware of the data breach epidemic. It's common for companies to have network managed detection and response (MDR) solutions and endpoint protection strategies in place for devices traditionally used to access sensitive data in office environments, such as laptops and desktops.
As a result, cybercriminals have gravitated toward easier targets. If you've ever watched a nature documentary, you know that predators try to pick off the slowest, weakest and most vulnerable members of the herd. Today, those tend to be mobile devices and Internet of Things (IoT) devices, which are still often an afterthought for companies crafting and maintaining security strategies.
If you aren't already concerned about IoT and mobile security, now is the time to act and guard those endpoints. This is what you should know about the evolving IT security threat landscape and what you can do to prevent your organization from becoming the target of one of these attacks.
The Story Behind the Rise in IoT and Mobile Malware: Hackers Target Companies Embracing Digital Transformation
As new technologies like IoT, mobile gadgets and the cloud have revolutionized our lives personally and professionally, digital transformation - the process of leveraging emerging tech to improve businesses processes and the customer experience (CX) - has become essential for any organization that wants to stay competitive. You can see evidence of this digital evolution everywhere, from ordering kiosks at fast food restaurants to sales reps' use of tablets to give prospective clients fast access to product and pricing info.
As part of digital transformation, many businesses have embraced IoT and mobile devices and made them part of their daily operations. As far as IoT is concerned, the install base of connected devices is projected to exceed 31 billion by 2020, and the IoT market (including both businesses and consumers) is projected to reach $3 trillion by 2026, according to Security Intelligence, an informational cybersecurity site sponsored by IBM.
Similarly, many companies have allowed employees to use their own mobile devices at work with Bring Your Own Device (BYOD) policies and programs. In 2018, almost 70 percent of businesses supported BYOD, according to research by Frost & Sullivan.
While the introduction of IoT and mobile devices benefits businesses in various ways (e.g., by improving productivity and efficiency), these trends have also created new points of vulnerability, which have attracted hackers seeking easy marks.
The IoT and Mobile Attack Epidemic: More Devices, More Problems
As IoT and mobile devices have become more prevalent, so have cyberattacks targeting them. In 2018, SonicWall identified 32.7 million IoT attacks, a staggering 215.7 percent increase from 10.3 million in 2017. The rate at which hackers seek to compromise IoT gadgets is still climbing: 13.5 million attacks occurred during the first half of 2019, outpacing the first six months of 2018 by 55 percent, according to the 2019 SonicWall Cyber Threat Report.
Cybercriminals commonly gain access to IoT devices to make them into nodes for botnets, which can in turn be used to execute Distributed Denial of Service (DDoS) attacks, carry out data theft, or mine cryptocurrency, among other malicious functions, according to the SophosLabs 2019 Threat Report.
Along with the explosion of IoT-related attacks, incidents related to mobile malware have proliferated in the past couple years. In 2018, there were 116.5 million mobile malware attacks, up from just 66.4 million the previous year, according to Kaspersky Lab. Common types of malicious programs that target and infect mobile devices include cryptocurrency miners and banking Trojans. Malicious phishing programs can also mimic legitimate apps in order to gather login details, Sophos states.
With IoT and mobile attacks on the rise and showing no signs of slowing down, taking action to protect your organization against these types of threats is vital.
What You Can Do to Avoid Becoming a Victim of Mobile and IoT Malware
You can significantly lower your data breach risk by making mobile and IoT device security part of your overall comprehensive cybersecurity strategy. Establish policies and best practices for mobile devices - such as implementing passcodes/passwords and not accessing sensitive data while connected to unsecured networks - and ensure everyone at your organization is aware of them.
An advanced endpoint security solution - such as an endpoint MDR platform - can also make a big difference by giving your company the tools needed to prevent, detect, hunt and respond to endpoint security threats targeting IoT and mobile devices. An MDR solution can monitor those endpoints for suspicious activity at all times and automatically identify and take care of any threats before they have the chance to cause damage.
At the end of the day, hackers are already scheming to infiltrate any IoT and mobile devices that have access to your network. Act to protect any vulnerable devices now, before it's too late and you find yourself dealing with a costly data breach. Contact your account manager today to learn more about your endpoint protection options.