Business smartphones are increasingly under attack

In times of smart working and Covid-19, malware, ransomware and all other threats exploit the delicate situation: how to defend yourself?

(Photo: Pixabay) Cybercriminals are always on the spot and take advantage of the hottest issues current events to better structure their malicious activities. With mobile platforms always at the forefront, threats are not only affecting individuals, but are increasingly affecting corporate devices.

The situation is told extensively by Check Point Research, the threat division Check Point intelligence, which illustrates the increase in campaigns linked to the medical emergency, the fearsome ransomware that "steal" data asking for a ransom and in particular attacks related to Mdm (Mobile Device Management) software to break into networks business.

An unfortunately predictable trend in these months in which millions of people all over the world are forced into remote smart working. A drastic change in habits that has led to an exponentially greater use of the company smartphone for even reserved tasks: an attractive target for cybercriminals, who have concentrated their efforts on these "endpoints" with new exploits and tricks. A much richer loot than a simple attack on a private user, since the smartphone of a remote worker becomes a privileged gateway to company data and sensitive information.

(Photo: Check Point ) The most common move was to create malicious apps that took the graphics and name of the official ones for national Immune tracking in Italy. Once installed, they hide malware on the smartphone in search of precious data, but also the so-called Mrat or trojans for remote access to the smartphone and premium dialing malware that call numbers at high prices.

Banking Trojans have made the leap with threats such as Ghimob transacting financial accounts in Germany, Portugal and some African and South American nations, the recent Evenbot which focuses on Europe and the US or the Turkish Thiefbot, but the list is long (Blackrock, Wroba, TrickMO, etc…). Among the most widespread ransomware is the Black Rose Lucy family, which has become even more formidable compared to its discovery three years ago.

All these dangers are compounded by the great alarm about attacks affecting corporate software MDMs who manage the smartphone fleet of employees. It is easy to understand how sneaky they are: Check Point researchers tell how a variant of the new Cerberus threat has hit an important multinational conglomerate, distributing malware to 75% of workers from the corporate MDM server. Cybercriminals have thus exploited the network to infect a large number of devices more efficiently.

Lato Apt - Advanced Persistent Threat - has focused on software for remote access to smartphones, as in the case of the campaign "Iranian Rampant Kitten" which used fake or phishing apps from Telegram to spy on Iranian citizens. Other attacks exploited hardware-level vulnerabilities such as the Achilles family based on Qualcomm chip devices. Finally, vulnerabilities in popular apps such as Instagram, Facebook or WhatsApp were also exploited.

(Photo: Check Point) Italy is one of the most attacked countries in Europe with 754 episodes per week in the last semester against a European average of 415. The most widespread malware in our company is Blindingcan ( 6%) followed by banking trojans, a cryptominer like Xmrig that uses the computing power of the computer to mine cryptocurrencies and the Trickbot botnet. 90% of these threats come from malicious emails, which are therefore always the preferred medium for criminals. Finally, the most exploited exploit in Italy is that of remote code execution, which has affected as many as 67% of companies. Among the latest reports, there is the Ursnif banking trojan that hit over 100 institutions in March or last November's attack on Campari with a ransomware with 2 terabytes of encrypted data and a request for a ransom of 15 million dollars. br>
Estimates speak of 81% adoption of remote work with 74% planning to extend it permanently, how to protect their company smartphone in a smart working regime? As suggested by David Gubiani, Check Point's Regional Director SE EMEA Southern, the priorities are to request user authentication from the lock screen with password or biometric authentication, to encrypt the data stored on the device, but also to consider the use of a vpn to connect via private servers. Remember to always update the operating system and applications, avoid connecting to public wi-fi networks, limit the download of apps to official sources only (checking the descriptions and reviews carefully) and make a constant backup. It is also very important to activate remote access to data and their deletion in case of theft or loss, surf on secure sites (also verifying the presence of https), conduct regular security checks on mobile devices and take advantage of ad hoc solutions to protect endpoints, such as Check Point Harmony.


Medicine - 2 hours ago

The bookings of anti-Covid vaccines are also starting for those over 70 years old. Here's how, region by region

adsJSCode ("nativeADV1", [[2,1]], "true", "1"); Medicine - 7 hours ago

Everything you need to know about the AstraZeneca vaccine

adsJSCode ("nativeADV2", [[2,1]], "true", "2") ; Medicine - 8 hours ago

Health innovation begins with proximity. The story of Wired Health 2021

Topics

Coronavirus Security globalData.fldTopic = "Coronavirus, Security"

You may also be interested in

This opera is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.