In order to demonstrate the seriousness of mobile security, '60 Minutes' teamed up with cybersecurity company Lookout. This was a project that had been in the works for years.
"We've been working with them, going on three years now. They've been trying to figure out ways to raise awareness in the area of mobile device security, because so many of depend on smartphones and intelligent devices now in our daily lives. I think they're really trying to raise awareness on how important mobile security is to everyone," said Gregg Laroche, Director of Product Management at Lookout.
Raising awareness might be an understatement when it comes to the way Lookout approached the project.
"One of our founders actually worked with kind of an ethical hacking team to execute a remote exploit on a device far away. So, what they did was take control of another device from a distant location, turned on the camera and the microphone, and were able to actually spy on someone far away, which is pretty scary when you think about it," Laroche said.
The hackers were able to spy on the reporter after she downloaded a malicious application she received via SMS. A Lookout blog post details exactly what happened.
On 60 Minutes, reporter Sharyn Alfonsi downloaded the app from Lookout co-founder John Hering. In this scenario she sideloaded the application through a text message. The message read, "Hey - I'm only chatting now using a secure messaging app called ghost chat. Download it now to talk." The SMS message also included a link to download the app.
Lookout warns that "sideloading" applications is most common in Android devices, but iOS users are not exempt. If someone downloads a malicious application, then the consequences can be severe. The Internet of Things only ups the ante when it comes to mobile security. Now, if a hacker has access to your phone, there's a possibility that they could have access to everything from your car to your coffee maker. This isn't just a problem for individuals, but for corporations as well. In a bring-your-own-device (BYOD) workplace, mobile security should be one of the top priorities.
"Those devices become more valuable to attackers with the more sensitive data that gets put on them. As our devices now access our corporate emails and other corporate files in the cloud and things that are really exposing more and more types of information, I think the security problem gets bigger," Laroche stated.
The best way to combat malicious applications is to make sure that you are only downloading apps from the "official" stores. There are also several companies, such as Lookout, who specialize in mobile security. If an application doesn't seem legitimate then use extreme caution and remember the key to staying safe if continuous education.
"Thinking about mobile in your overall security strategy is very important because the world is changing."