I portable devices (like Smartphones) are becoming a cybersecurity risk. 90% of successful attacks and 70% of data breaches originated from connected devices.
Users are six to ten times more likely to be victims of SMS phishing attacks compared to those via email. And over the last three years, 62% of companies have suffered violations, partly due to remote working.
This data is revealed by the sixth edition of Mobile Security Index 2023 di Verizon Business, a division of Verizon Communications, which illustrates the main threats found in the protection of mobile devices. The report also provides insights and best practices to assist organizations in achieving the right flexibility and security across all business processes.
The risk for companies
The widespread use of portable devices, often linked to multitasking, represents a serious threat to companies. The concern is highlighted by research indicating that 61% of Chief Information Security Officers (CISOs) and 53% of CEOs believe their companies are insufficiently prepared to deal with possible targeted cyber attacks in the next 12 months. It therefore becomes crucial to find a balance between user experience, privacy and costs
Security errors are increasing
The policies "Bring Your Own Device” BYOD, hybrid working and the Internet of Things (IoT) have made endpoint protection more complex and difficult. This situation has led to an increase in security errors made by users, which can have a significant impact on the company, employees, shareholders and customers. The study shows that over a third of users (34%), have committed at least one of the following five basic errors regarding security:
- 18% clicked on a phishing link;
- 13% downloaded malware via smishing (phishing via SMS);
- 11% downloaded generic malware;
- 9% have shared personal data with a scammer;
- 8% revealed a password to an untrustworthy source.
The most common mistakes
According to the White Paper, 71% of users it does not change the default password of your home Wi-Fi, and 28% do not protect the connection with a password.
In the context of the Public Wi-Fi, 90% of remote working professionals do connects to company resources from external places to their home, with an average of 5 positions, thus increasing the potential risks for company security.
Secure IoT devices
La security of IoT devices is becoming one of the most complex challenges in mobile security, with attacks directed at these devices evolving rapidly among cybercriminals. It must also be taken into consideration three factors: 1) the growing number of IoT devices makes them an attractive target as an attack vector; 2) increasing the power of these devices turns them into potential vehicles for attacks, such as being part of a botnet used to carry out distributed denial of service (DDoS) attacks; 3) the growing importance of applications makes these target devices more strategic.
Artificial intelligence is the new challenge for cybersecurity
A new challenge for cybersecurity arises from the recent development of generative artificial intelligence (AI). Anyone with access to the internet can generate deepfakes convincing but false, and cyber criminals are exploiting this technology to make their phishing attacks more effective.
An example is theusing an audio sample of a person to create arealistic imitation of his voice. An online video interview of a CEO can be manipulated to convey a message to an employee to instruct him to carry out actions that could put the company's security at risk.
“The lack of understanding of the potential consequences, combined with the blurring of lines between working in the office and from home, represents a dangerous combination,” he said. Mike Caralis, Vice President Business Markets of Verizon Business – In recent years, cybercrime is becoming more sophisticated and does not always present itself in the form expected.”
