New research conducted by McAfee has found that mobile malware tripled in scope last year, compromising 82% of Android apps.
McAfee has discovered that 82% of Android apps are compromised with increasingly malicious and invasive malware, in particular placing at risk those smaller businesses without a mobile device management strategy in place.
The study found a steep rise in malware downloaded through seemingly harmless apps, such as tools, to give cyber criminals remote control over devices or use exploits to get installed on vulnerable systems. It also revealed that over a third of apps (36%) know users’ account information, while more than a quarter (26%) read how individuals use the apps on their chosen device.
Mobile technology: crucial for SME business success
For small businesses this proliferation of threats comes at a critical time. According to an Oxford Economics study, mobile technology is crucial for SMEs to succeed in business. For most SMEs, mobile is instrumental for delivering customer service benefits and improving product development.
The steep rise in attacks against mobile devices not only puts small businesses at risk but also opens up access to the much larger organisations with which many SMEs do business. Protecting SMEs and securing the supply chain is incredibly important to ensure any potential data breaches are not exacerbated and cause widespread damage.
Information gathered through malware can give cyber criminals the exact geographic location of infected devices as well as the ability to contact the victim via SMS to launch attacks such as highly personalised phishing scams.
The vulnerabilities also allow hackers to find defences such as antivirus software and instruct malware to manoeuvre around or interfere with it.
Protecting against mobile malware
SME business leaders should take this proliferation of threats as a stark warning and ensure their business is protected against mobile malware by following the below advice:
(1) Educate employees
Mobile and remote users often struggle with technology and see security systems as an obstacle to productivity. They will click past a software update alert or defer a suggested scan in the interest of speed. Small business owners should educate remote employees and provide security tools that work well and as unobtrusively as possible to minimise any potential threats, user error or naivety.
(2) Inventory devices
SMEs should identify and secure all devices employees use, including USB sticks, smartphones, tablets and laptops. This will enable them to identify devices that shouldn’t be accessing the network.
(3) Protect the network
With employees logging on at various times and places, networks are under threat. Protect network access with virtual private networks (VPNs) and firewalls.
(4) Remove access to the network once employment is terminated
It may sound obvious, but it’s not always top of the list when an employee leaves. Blocking access immediately will prevent past employees from having access to valuable and confidential company data.
Tim Stone, SME director for the EMEA region at security specialist McAfee, urges small business owners to take action now.
“Small businesses have become a prime target for cyber criminals,” said Stone. “The research findings show that mobile malware is the weapon of choice. One incident is enough to potentially obliterate businesses and reverberate through the supply chain, causing further damage. It’s critical that SMEs do not gamble their reputation and their customers’ details and put into place basic steps that will deter attackers and boost defences.”
To find out more about the mobile threat download the McAfee Mobile Security report