A new report shows an explosion of zero-day attacks and malware focused on mobile devices just as companies adopted widespread bring-your-own-device policies.
The volume of mobile threats is increasing and attackers are growing more sophisticated, with almost a third of zero-day attacks now targeting mobile devices, new data shows.
In its annual mobile threats report published this week, cybersecurity firm Zimperium says data from its services shows that nearly a quarter of mobile devices encountered malware last year, while 13% had their data intercepted by a machine-in-the-middle attack and 12% were directed to a malicious website. The rising cyber risk comes as the attack surface area of mobile applications has grown, with more than 900 Common Vulnerabilities and Exposures (CVEs) reported in 2021 that directly affect Apple iOS or Google Android. In addition, risks have risen from the third-party components used by developers, and a variety of misconfigurations have undermined the security of the cloud services underpinning mobile applications.
The data suggest that adversaries are finding ways to exploit the traditionally strong software ecosystems surrounding mobile devices, says Richard Melick, director of threat reporting at Zimperium.
“There was a pivotal change in the landscape as mobile devices are being increasingly targeted by attackers,” he says. “These mobile devices are critical to our everyday lives, and they are critical work tools, [so] organizations have to approach the mobile device with the same security in mind as traditional endpoints.” Read more:https://bit.ly/3IdVNC7