In the never-ending battle against cybercriminals, knowledge sharing is one of our most effective defenses. The more we can simultaneously learn from and educate fellow security experts, the more likely we are to stay one step ahead of threat actors.
At VMware Explore 2023 Las Vegas, Lookout and VMware cybersecurity experts had the privilege to meet customers from various backgrounds and sectors to gain insights on why mobile devices are appealing targets for cybercriminals. For this blog, I had a conversation with Steve Banda, Head of Partner Marketing at Lookout. Steve joined us at Explore in Las Vegas, where we discussed the mobile security challenges and threats facing today’s organizations.
These are the three most common questions we fielded from customers at Explore 2023.
Question 1: What is the biggest mobile security threat that you see?
By far the most frequent and severe mobile security threats we see are phishing attacks specifically designed to exploit mobile devices. And the unfortunate reality is that phishing attacks are often just the tip of the spear for more advanced cyberattacks. Threat actors and advanced persistent threat (APT) cyber espionage groups often use phishing as a means to distribute spyware or conduct surveillance campaigns.
Attackers can steal credentials and take over legitimate accounts, where they can raise their access privileges or move laterally to other parts of your organization. Ultimately the goal is to identify and steal sensitive data and intellectual property, disrupt operations, and wreak havoc on regulatory compliance efforts.
And while many threat actors are becoming more sophisticated, it’s also becoming easier than ever for attackers to perpetrate a phishing attack. Some attackers are now using malware as a service to supercharge their attacks, and these inexpensive and easy-to-use kits make it simple for anyone to perpetrate a phishing attack. We discussed how to protect against device, application, network, and phishing threats in the session, “Am I Being Phished? Protect Your Mobile Users with Workspace ONE Mobile Threat Defense,” which is available for free to stream online.
Question 2: How do we financially justify the investment we need to focus on mobile security?
This question comes up quite a bit, and the way to think about any investment in cybersecurity is in terms of the potential financial and operational risk to an organization if breached. First, start with understanding the broader cost of cybersecurity breaches. According to data from Statista, the global average cost per data breach was USD $4.45 million in 2023, with this cost exceeding USD $9 million for a data breach in the United States. Adding to the pain, violators of GDPR can be fined up to €20 million, or up to 4% of the annual worldwide turnover of the preceding financial year, whichever is greater.
Next, add in the contribution of mobile threats when it comes to understanding the cost implications of a breach. For starters, in 2022 Lookout reported 30% of personal and enterprise users were exposed to mobile phishing attacks every quarter. When we quantify risk by applying the Factor Analysis of Information Risk (FAIR) model, we estimate that the maximum potential financial impact of a successful mobile phishing attack to an organization of 5,000 employees is almost USD $4 million.
Adding to the cost of a breach are the potential legal repercussions following the breach of customer information. Not long after VMware Explore 2023 concluded in Las Vegas, MGM Resorts and Caesars Entertainment were breached by a cybercriminal group, Scattered Spider. The group compromises data by targeting users in social engineering attacks directed at users’ phones, stealing credentials, and using them to gain access to systems hosting sensitive data. This breach has now resulted in five class action lawsuits against MGM and Caesars on the grounds that they failed to protect customers in the cyberattack.
Question 3: How does mobile security protect company data and resources?
There are a few ways to implement mobile security. The most common way is to integrate an advanced mobile security solution with unified endpoint management (UEM) or mobile device management (MDM). In simple terms, when mobile security is linked with management, security posture information is shared. In our case, VMware Workspace ONE Mobile Threat Defense (powered by Lookout) is integrated with the Workspace ONE platform. When threats are detected, policies can be applied by Workspace ONE Unified Endpoint Management. In the case of a fully managed corporate-owned device, the mobile phone can be remediated.
For user-owned devices, also known as bring-your-own devices (BYOD), we can use policies to fix issues as allowed, or deliver instructions to the user to fix them on their end. We deliver mobile security via Workspace ONE Intelligent Hub, and notifications are delivered through Hub, a tool that many end users already use to access apps for work. End users can rest assured their mobile device is constantly being monitored for the presence of mobile threats, such as phishing, malicious apps, device exploits, and network attacks.
In conclusion, our conversations with customers covered a lot of ground. The threat environment will always be hostile, and organizations need to focus on improving their mobile security posture today and for the long term. Learn how VMware Workspace ONE Mobile Threat Defense delivers more effective mitigation of today’s mobile threats while empowering your anywhere workforce. See the solution in action in our demo video and view technical content and documentation on the VMware Tech Zone.