Skycure, the world leader in mobile threat defense has announced the results of its third Mobile Threat Intelligence Report, based on worldwide mobile threat intelligence data collected by the company.
Focused on malware in the enterprise, the report reveals that the large organizations with more than 200 iOS or Android mobile devices are likely to be infected with at least one malware-infected device. The report states that companies with Android devices are prone to have malwares of some kind.
As many as four percent of all mobile devices have malware installed irrespective of whether they are managed by an enterprise or an individual.
According to Yair Amit, CTO, Skycure, Malware absolutely exists on enterprise mobile devices and standardizing on iOS doesn’t make you safe. Moreover, unlike the malware which targets only consumers, they target businesses if the concerned IT department is unaware about its existence.
The recent incidents of malware attacks clearly bypass even the two-factor authentication. Smartphones have a greater chance of being infected since they can keep track of a user’s conversations and activities. The malwares will be able to target relevant individuals for access to valuable personal and corporate information.
The State of Malware
Nowadays, enterprises are struggling to manage mobile devices within their workforce. Hence, keeping devices secure while still allowing them access to corporate systems is a complicated problem, especially with many workers using their own devices to connect to enterprise applications and documents. It is difficult to pinpoint the presence of malware in an enterprise managing hundreds or thousands of devices, each installed with hundreds of apps.
- The recently released Skycure report reveals the following core points by studying malware in the enterprise:
- Three percent of all enterprise iOS devices have malware installed, and nearly twice as many (5.7 percent) of all enterprise Android devices are infected
- Android devices have a greater variety of malware. Total Android malware consists of 76 percent unique varieties, while only 22 percent of all installed iOS malware was unique.
- On average, enterprises have more than three unique varieties of malware. The study analyzed an average of more than 290 apps per device.
- The report found the worst time of day to install apps is the hour from 9:00-10:00 am ET. That hour is as much as 10 times the rate of other hours during the day.
- Mobile ransomware continues to increase, with screen-lock ransomware as the most prevalent. However, crypto-ransomware, where content is unrecoverable even if the user is able to access their files, is growing in popularity.
The Third-party App Store Threat
The Skycure Mobile Threat Intelligence Report found that nearly one in five (19 percent) enterprise Android devices still allows app installation from third-party stores, despite a system-level setting to turn off this feature. We inspected the study report and found that third-party app stores are likely to be deliver malware. Meanwhile, the report points out that users should make use of the official Google Play Store to download apps. You should not attempt to install apps which are available in .apk formats.
John Morgan, Vice President of Product and Ecosystem, MobileIron
Malware is one of the biggest challenges our customers face in securing a mobile workforce. Our customers find our technologies complementary. Skycure detects and protects against both known and unknown threats, while MobileIron helps customers take action to remediate those threats.
Users are nearly twice as likely to download malware from the Samsung store, more than 12 times more likely to find malware at the Amazon store, and more than 72 times more likely to be infected at the Aptoid store.
Network Attacks Still a Bigger Threat
Even though Skycure Mobile Threat Intelligence Report mainly focuses on malware, the report states that network incidents happen five times more often than malware incidents. Nearly 70 percent of incidents were network-based when compared to 13 percent in the malware segment. The study reveals that the largest number of threats from SSL Man in the Middle attacks, which intercept a communication between two systems.
The second largest threat came from content manipulation attacks, in which hackers modifies data to cause a victim to perform desired actions through a manipulated interface or in a third-party system.
Recommendations
The Skycure Mobile Threat Intelligence Report suggest companies and enterprise organizations to safeguard their mobile ecosystems from malware threats by implementing advice from the major EMM vendors, which all recommend adding a Mobile Threat Defense solution. Even though traditional methods are good, it is not completely sufficient to detect malware created with the new methods hackers are devising every day.
The SANS Institute suggests a strategy that builds on this traditional approach by adding multiple layers of threat intelligence and advanced analytics. In addition to the local threat information collected and analyzed on the device, organizations can benefit from crowd-sourced threat intelligence from many distributed devices and additional server-side analysis to identify and protect enterprises even from sophisticated malware that bypasses classical detection methods.
You can download a copy of the Skycure Mobile Threat Intelligence Report by clicking here. The report spanning around 10 pages displays facts in graphs and tabular formats as well with clear and crisp explanations.