Smartphones have become a central part of our lives. But, while they aim to heighten convenience, there is a real feeling that smartphones are becoming a bigger target for cybercriminals, says CAREY VAN VLAANDEREN, ESET South Africa CEO.
So, why are criminals eager to get into our devices?
A smartphone knows everything about us
The amount of information stored on a smartphone has skyrocketed in recent years. The connectivity of apps means we supply nearly every piece of information about ourselves, whether its bank account details or our preferred taste in pizza.
For a cybercriminal potentially wanting to commit identity theft, a smartphone is a goldmine.
It’s a way into companies and other organisations
The use of Bring Your Own Device (BYOD) has become one of the most prominent trends for companies around the globe. Cybercriminals are viewing these devices as an ideal gateway into stealing valuable corporate information.
Security can be lax
The rise of BYOD has also caused plenty of headaches for a number of companies in various industries, mainly due to difficulties in rolling out a unified approach to security.
In a recent Tech Pro Research survey of CIOs, tech executives and IT workers, 45% of respondents said mobile devices posed the greatest risk to a company’s infrastructure, with the fragmented nature of some mobile platforms cited as a primary reason.
Autofill has become our best friend
One of the reasons our phones are carrying more personal information than ever before is primarily down to our desire for convenience.
With our devices now handling a myriad of services and subsequent apps, we find ourselves with a larger number login details than ever before.
It’s a route into your wallet
Our phones can be used to transfer money, pay our bills, and are even being used as a method of payment.
Apps such as SnapScan and FlickPay are pushing mobile payments into the mainstream, and some experts expect it to be a trend that will continue over the next few years.
Of course, the only drawback is that they are likely to catch the attention of cybercriminals.
Phones know where you are and where you are work
In many circumstances, the reason behind tracking your device are entirely innocent, such as helping you get the most out of your data and your apps.
For example, if you’re out and about, you can check out restaurant or business recommendations with just a couple of swipes.
However, hacking a device’s GPS capabilities is not seen as a difficult task, with many gamers using it to cheat at the popular augmented reality game Pokémon Go in the hands of the criminals, a compromised GPS could be an unnerving prospect.
For several years now, Bluetooth has been a regular feature on smartphones and other mobile devices. Yet, like GPS, it is still seen as a potential entry point for cybercriminals.
The effects of such an attack can result in Bluesnarfing – where a phone’s private information is compromised, or Bluebugging, which allows a criminal to take complete control of your phone.
But while there is a risk, these methods are becoming increasingly harder for hackers to exploit.
Some scams are specific to mobile
There are several well-known ways in which cybercriminals can use your smartphones to make quick cash.
In countries like China, for example, malware can be used to access devices and force them to call premium numbers that charge large amounts.
These scams are not only potentially lucrative, but can also spread across large numbers of devices.
They’re a great way of sending spam
Everyone hates spam. Well, apart from cybercriminals, anyway.
There are several reasons why a criminal would want to send spam, but many of them see smartphones as the ideal platform for sending these communications.
This is mainly because it is much harder for service providers to track down and block offenders.
Users are ignorant about the dangers
Many of the most seasoned tech users are now well acquainted with best practices when it comes to using laptops or desktops, but smartphones often slip down the list of priorities.
Which, in some ways is surprising, given that smartphones have increasingly been targeted since as early as 2005.
However, as the threat is more visible than ever, we’re slowly beginning to understand that security matters. Let’s treat them with the importance they deserve.
Password managers don’t protect you from hackers
Using a password manager to protect yourself online? Research reveals serious weaknesses…
Top password manager products have fundamental flaws that expose the data they are designed to protect, rendering them no more secure than saving passwords in a text file, according to a new study by researchers at Independent Security Evaluators (ISE).
“100 percent of the products that ISE analyzed failed to provide the security to safeguard a user’s passwords as advertised,” says ISE CEO Stephen Bono. “Although password managers provide some utility for storing login/passwords and limit password reuse, these applications are a vulnerable target for the mass collection of this data through malicious hacking campaigns.”
In the new report titled “Under the Hood of Secrets Management,” ISE researchers revealed serious weaknesses with top password managers: 1Password, Dashlane, KeePass and LastPass. ISE examined the underlying functionality of these products on Windows 10 to understand how users’ secrets are stored even when the password manager is locked. More than 60 million individuals 93,000 businesses worldwide rely on password managers. Click here for a copy of the report.
Password managers are marketed as a solution to eliminate the security risks of storing passwords or secrets for applications and browsers in plain text documents. Having previously examined these and other password managers, ISE researchers expected an improved level of security standards preventing malicious credential extraction. Instead ISE found just the opposite.
Click here to read the findings from the report.
MWC: Next generation of inflight connectivity to be unveiled
Next week at Mobile World Congress, the Seamless Air Alliance will reveal progress on its mission towards enabling the next generation of inflight connectivity. This follows a significant start for the Alliance, which has seen membership increase five-fold since the first meeting in June of last year. The Alliance has a new research laboratory setup and continues progress through its three working groups, writing specifications for the technology, requirements, and operations.
These developments represent a huge leap towards the goal of making connectivity as easy and enjoyable in the skies as it is on the ground. Appearing as part of the Airbus stand (Hall 6, stand 6G34), the Seamless Air Alliance will reveal specification topics that have been completed and published to its membership.
“The passenger experience with inflight connectivity remains one of the great technology challenges. From Day One we have been determined to deliver on our mission to bring industries and technologies together to make the inflight internet experience simple to access and a delight to use,” said the Alliance’s Chief Executive Officer, Jack Mandala.
“I have been tremendously encouraged by the enthusiastic and committed response we have seen and the widening areas of expertise we can call upon as more and more companies and organisations continue to join us,” he added.
Announced during MWC 2018, the Seamless Air Alliance has since grown to twenty-three membercompanies with more than one-hundred key personnel from across the membership participating in its three working groups, with numbers continuing to increase.
The Seamless Air Alliance was created by founding members Airbus, Airtel, Delta Air Lines, OneWeb and Sprint, and quickly joined by Air France KLM, Aeromexico, and GOL Linhas Aereas Inteligentes and global technology leaders including Astronics, Collins Aerospace, Comtech, Cyient, iDirect, Inmarsat, Intelsat, Latecoere, Nokia, and Panasonic.
Today, the Alliance is pleased to announce five additional new members: Adaptive Channel, Etihad Airways, GlobalReach Technology, Safran, and SITAONAIR.
“We are extremely pleased to have these companies join and be a part of the companies driving the next generation of connectivity.” said Mr Mandala.
The Seamless Air Alliance will enable travelers boarding any flight, on any airline, anywhere in the world, to use their own devices to automatically connect to the Internet with no complicated login process nor paywall to scramble over.
The Alliance is also announcing the release of a new research study on the economic benefit of standardization on the inflight connectivity market at Mobile World Congress. This report is available for download at https://www.seamlessalliance.com/publications/
The Alliance is moving rapidly towards an expected demonstration of the technology later in 2019 and anticipates massive interest in Barcelona from the whole communications eco-system.