Top 3 Mobile Security Risks in 2018

Andrew Zola
Andrew Zola on Linkedin

There are more mobile devices than ever before and this trend is expected to continue for years to come. In fact, 66% of people in 52 countries will own a smartphone this year (up from 58% in 2016).

Apple’s App Store alone currently has over 2.2 million apps available for download and this number is expected to rise to 5 million by 2020. Google Play, on the other hand, boasts about 3.5 million apps that are currently available for download.

However, mobile doesn’t mean just smartphones and tablets, it also includes wearables like the Apple Watch and all other Internet of Things (IoT) sensors and devices.

As smart devices and apps start playing a considerably more prominent role in our personal and professional lives, security will be key to remaining relevant.

So what are the security threats faced by mobile apps? Let’s take a look at the top five security risks for 2018.

1. Mobile Payments

Mobile payments aren’t exactly popular, but as payment capabilities increase ease of use, it’s expected to grow in the years to come.

At present, most smartphone users are aware of Apple Pay and Android Pay. However, when it comes to actual usage, only 13% of iPhone users have ever tried it and only 3% actually used it during their last shopping spree (and the numbers for Android Pay are more or less the same).

However, people are making online purchases from their mobile devices. According to Unbxd, orders from smartphones made up 36% of all orders while tablets accounted for 12% of all orders in the first three quarters of 2017.

This makes it important for developers to ensure security for apps that take personal and payment information. As mobile commerce grows, bad actors will also turn their attention to mobile platforms. As a result, the risk of a mobile data leak will also grow exponentially this year.

2. IoT Distributed Denial of Service (DDoS) Attacks

IoT has been going through a period of accelerated adoption across industries. However, this creates a situation where bad actors can use malicious code to build a botnet army from millions of vulnerable connected devices (both consumer and commercial smart devices).

For example, Mirai malware leveraged smart devices to launch DDoS attacks on popular websites. This was possible because IoT devices came with low-levels of security that made it extremely easy to take control of millions of devices.

What did they have to do to achieve this? It was as simple as guessing the factory default password!

This year, we can expect more connected devices to be breached as manufacturers try to respond to these rapidly accelerating threats effectively.

As malware also evolves rapidly, manufacturers and developers need to be proactive and take steps to actively adapt and minimize or eliminate all potential threats.

3. Mobile Crypto-Jacking

Although the cryptocurrency market is highly volatile and has been going through a period of significant losses, its popularity hasn’t waned. In fact, browser-based crypto-jacking grew by 34,000% in 2017 and most of it targeted PCs and mobile devices.

As this phenomenon evolves, mobile app developers will have to be proactive to ensure that mobile devices aren’t breached for crypto mining. This is because crypto mining will lead to batteries overheating which can potentially render the device unusable.

It’s safe to say that the mobile device and application market will continue to grow along with the threats that are associated with it. As a result, it’s critical for enterprises to be proactive when it comes to securing all their future and existing applications.

Need to perform a security assessment of your existing mobile app? Our information security experts can help. Reach out to Digi117 now!