This year, the Cybersecurity and Infrastructure Security Agency (CISA) theme for Cybersecurity Awareness Month in October was “Secure Our World.” This theme included four focused sub-themes: enabling multi-factor authentication, using strong passwords and a password manager, updating software, and recognizing and reporting phishing.
My colleagues and I covered these themes extensively at VMware Explore 2023 Las Vegas, especially in our session titled “Accelerate Zero Trust: Vision and Practical Projects with NIST and VMware Workspace ONE,” which included examples of how organizations can align projects to achieve zero trust goals.
We also focused on the fourth sub-theme, recognizing and reporting phishing, in “Am I Being Phished? Protect your Mobile User with Workspace ONE Mobile Threat Defense.” Because cybercriminals are constantly evolving their methods, it’s critical to stay up to date, and I can’t think of a better person to have a cybersecurity conversation with than Michael Yee, Director of Business & Corporate Development at Lookout. Here’s my Q&A with Michael:
Why are mobile devices appealing targets for cybercriminals?
For the longest time, people have thought that Android, iOS, and ChromeOS devices are impervious to attacks because of the controls put in place by device manufacturers and operating system (OS) developers. This perception does not match reality, and we are left with a “soft underbelly” attack surface. We’re seeing an upward trend in attacks against mobile devices and multi-factor authentication solutions on those devices. Luckily, forward-thinking organizations recognize this trend and are starting to address the gaps that have been present in the mobile computing space for years.
Isn’t there built-in security on our smartphones?
The device manufacturing industry for smartphones has made great strides in addressing operating system vulnerabilities by churning out updates on a quick timetable to patch these issues. The always-on and highly interactive nature of smartphones and tablets makes deploying patches visible and impactful to the extent that users tend to want to keep their devices up to date. However, it creates the misconception that updating your smartphone OS is all you need to do to keep it secure against mobile threats.
To make matters worse, cyber threats against mobile devices are growing. According to Lookout data, phishing attacks and malicious apps are the two most common types around the globe.
Phishing attacks, specifically, are outside the control of the device manufacturers and OS developers. For most people, the primary use of their smartphone is communication, for both work and personal reasons. We all use SMS, iMessage, third-party apps, and social media apps to communicate with co-workers and friends. Threat actors use this against us. Phishing attacks that leverage those messaging channels are the top mobile attack vector for cybercriminals, who steal credentials and manipulate access protected by multi-factor authentication. In Lookout’s 2022 Global State of Mobile Phishing Report, we saw that more than 30% of mobile users encountered at least one mobile phishing threat every quarter in 2022.
Can you share your thoughts on the high encounter rates on mobile devices and tips for recognizing phishing and other cyberthreats?
Over the last decade, attackers have fundamentally shifted their tactics because the mobile device tends to be the path of least resistance to stealing employee credentials. This is because organizations have invested so heavily in protecting traditional endpoints, which made sense before. But now that attackers have changed their behavior, enterprise security teams need to shore up their mobile defenses.
Protecting the mobile device, especially from phishing attacks, is now a critical piece of any modern security strategy. Here are three things you can do to keep yourself safe from mobile phishing attacks:
- Educate employees to never tap the link in a message from an unsolicited sender. If there’s a link from someone who claims to know you, contact that person directly and verify that they sent the link, as it could be a social engineering attack.
- Should employees receive a message from an entity that they do business with, they should first access the entity’s website directly instead of using the link sent to their device.
- To keep employees and company data safe, leverage a mobile security solution such as VMware Workspace ONE Mobile Threat Defense for a protective layer that protects users by blocking malicious phishing links received in any app. The solution also helps assess risk across Android, iOS, and ChromeOS devices, and it protects against several other threats.
I know the Lookout team is heads down working on the 2023 Global State of Mobile Phishing report. Any insights and new findings you’re able to preview?
We are starting to break out our threat analytics by industry; below are the highlighted industries for the third quarter of 2023.
We have seen a near-term shift in bad actors targeting organizations that house large quantities of personal information and proprietary data. That data is then further leveraged in downstream attacks.
There has also been a noticeable shift in how cybercrime groups are targeting their victims by using mobile-focused phishing attacks as their initial vector of compromise. The highly publicized recent attacks on casinos and resorts in Las Vegas by Scattered Spider exemplified the effectiveness of mobile phishing in the modern cyber-attack chain. The Scattered Spider group is known to compromise data by targeting users with social engineering attacks directed at the user’s phone to steal their credentials. Once accessed, the credentials are used to gain access to systems that host sensitive data.
Concluding thoughts
I want to thank Michael for his tremendous insights on current cyber threats.
The cost of cybercrime is expected to increase 69% through 2028. Even if Cybersecurity Awareness Month is over, it really is time to secure our world. Learn more about how mobile device protection is a critical part of any organization’s security strategy via this Lookout webinar with Aaron Cockerill, Executive Vice President of Product, Lookout.
See VMware Workspace ONE Mobile Threat Defense in action and learn how the integration with the Workspace ONE platform makes it easier to deploy and activate a comprehensive solution across Android, iOS, and ChromeOS devices.