Those mobile devices you give your employees—or the ones they bring as part of your BYOD program—are increasingly being targeted by hackers and cyber attackers.
"As they become a more complex platform, they become a bigger target as well," says Greg Young, former CISO for the U.S. Department of Communications and current Vice President of Cybersecurity for Trend Micro.
And while some attacks are new, other mobile attack vectors have been known and documented for years—but not patched. And hackers are taking advantage of this, as well.
Behind the Scenes interview: mobile device threats
The mobile threat landscape is the focus in this episode of SecureWorld's Behind the Scenes interview series.
This time we're talking to Greg Young about the Trend Micro research from its 2018 Mobile Threat Landscape Report.
Listen to our complete interview here, or read excerpts of our Q&A below.
[SecureWorld] A good place to start is with the big picture. What are the shifts you are seeing in the mobile threat landscape?
[Greg Young] I think there are two big shifts. The first is that there is a pivot away from ransomware and a shift toward other ways of getting the money. The second is that there's great regional differences in who the targets are.
[SW] Getting into some specifics around those threats, I noticed that your research found mobile crypto-mining malware exploded by 450% year over year. What's behind this shift?
[Young] So one is that attacks got a lot more difficult than traditional ones. But also, this is a much faster way to get money. If I ransomware you, you're going to be upset, you're going to tell people, possibly law enforcement. But with crypto-mining, the detectability and the chance of getting caught are much lower, and the payouts in fact are much higher.
[SW] What about mobile banking trojans? What do the attack vectors look like when it comes to mobile banking threats right now?
[Young] Again, shortest path to the money. If you can get at an account, why go through all the trouble of "ransomwaring" them and hoping they pay out? Why not go straight for the cash, especially as more and more accounts go online?
[SW] Let's move on to mobile cyber espionage. Of course, when I hear the words "cyber espionage," it makes me think of a James Bond film, or Russian hackers. But you actually found that it's a really significant threat and it has diversified significantly. What are you seeing in this space?
[Young] We often see very targeted phishing attacks, that's where the big payouts are now. We've seen this move away from really broad-based phishing. The more information you have about a person, the easier it is to do an attack.
[SW] One of the other things you covered in the report, and this really surprised me, is that a number of documented and known threats continue to be successful for hackers. What did you come up with there?
[Young] Much like any overall threat landscape, the older vulnerabilities are in fact the most commonly exploited ones. The newest vulnerabilities are the most attractive, but they're also attractive from the security perspective; we're always looking for the most common ones. So it turns out that the older ones are the most exploited.
[SW] Along those lines, I know Trend Micro has a MARS Service. What does that stand for, and how does it work?
[Young] MARS is our Mobile App Reputation Service. The idea is, if you have an application that is unknown or suspicious or that you're creating, you can submit it to MARS and it will be checked.
[SW] So we've talked about a lot of the challenges, and the things that have really accelerated around mobile threats. But there was some good news from your research, and one piece was that mobile ransomware dropped significantly. What are the reasons behind that?
[Young] To get control of someone's endpoint, and ransomware them, that's tough. The bad guys want a shorter path to money. But the security also improved, and that also got in the way.
[SW] Lastly, I think we should look ahead. As you look ahead to the balance of 2019, what are you thinking about? What are you seeing?
[Young] Definitely this downward trend of ransomware, we think that's going to continue. Threats we believe will increase, unfortunately; with mobile, the threats that are blocked are increasing. We see regional differences, as well. One thing to watch is the price of cryptocurrency. One thing impacting ransomware is the variability of cryptocurrency.
Thank you to Greg Young for his expertise, and don't miss our other Behind the Scenes interviews, including:
Lawyers on the Dark Web
IIoT Security Threats