Mobile and Cyber Security 2018: Year in Review
Walk your way down memory lane with the biggest cyber security moments of 2018
As 2018 draws to a close, Corrata takes a look back at the last year for cyber security. Overall it was a very eventful twelve months. Defined by high profile data breaches, major changes to privacy legislation with GDPR and increasingly advanced phishing and malware attacks. But, how did these developments and trends impact enterprise and what will this mean for 2019?
Increased enterprise mobility
Smartphone ownership and data usage is now at an all-time high as a result of reduced costs and greater accessibility. Mobile owners use their devices for video streaming, shopping, social media, and connecting with anyone in the world. In fact, global circulation is now estimated to reach over 6.2 billion devices by 2021. Businesses have also realized the value of mobility in improving communication, convenience and productivity among employees. In the past, employees only had access to the internet from their desktops. Today, many enterprises permit the use of mobile devices for professional use as well as personal business.
In 2018 it was reported that 85% of total mobile data traffic was generated by smartphones. As this figure is set to increase over eight times in the next five years, it is clear that enterprise mobility is set to keep rising. This comes with serious risk however. Mobile devices generally lack the cyber security and control features afforded to traditional desktop technology. As a result, many cyber attackers are turning their attention and efforts towards targeting employees.
Mobile phishing attacks growing more sophisticated
Recognizing the opportunity that increased mobility has created, cyber criminals have created powerful phishing campaigns aimed at exploiting mobile channels. 2018 saw a huge increase in these malicious messages, especially via messaging apps and social media platforms. IT specialists found over 70 million fake and suspicious Twitter accounts this year alone. Millions of users on Facebook, Instagram, LinkedIn were targeted by fraudsters posing as legitimate friends or connections in extremely believable spear-phishing campaigns.
Reports announced WhatsApp as one of the riskiest smartphone apps in 2018. This is following the discovery of the ‘Martinelli’ and ‘WhatsApp Gold’ scams circulating through the messaging app. Hackers created these scams to fool users and lure them into following malicious links. These attacks spread worldwide and further highlighted the vulnerabilities of mobile devices that hackers can so easily exploit.
Due to the real-time, constantly connected nature of mobile, hackers are also developing and evolving phishing attack strategies. 2018 saw an explosion of ‘zero-day’ phishing attacks. These are campaigns created, deployed, engaged, and dissolved all in a time frame as short as a single day. This year alone, cyber criminals created over 46,000 new phishing sites per day. Many of these were online for only 4 to 8 hours before moving to an entirely new hosting server. Therefore, they evaded detection from traditional anti-phishing solutions and databases. Cyber security developers are turning to Machine Learning as a solution to cyber crime and detecting zero-day threats.
Data leakage and privacy concerns
Data privacy and concerns over the safety of personal data collected was a prominent issue in 2018. In March 2018, news broke that the personal data of over 50 million Facebook users had been acquired and used by British political consulting firm Cambridge Analytica without the users’ express permission or knowledge. This has led to major investigations into the legitimacy of Facebook’s data collection practices. The breach could be the first major test of Europe’s new privacy laws introduced by the General Data Protection Regulation (GDPR) in May 2018.
Another major data breach was reported in November 2018 after hackers stole the personal information of over 500 million customers of the Starwood Hotel group due to unauthorized access to the hotel giant’s network since as far back as 2014. Under GDPR, Starwood could also face significant fines of up to 4% of its global annual revenue. GDPR has drastically impacted internet privacy and how companies can collect, store, and process customer and employee data. Enterprises all over the world are now reviewing their internet and cyber security policies. These are changes that we are likely to only start seeing repercussions for in the new year.
Rise in malicious apps
2018 also saw a spike in the number of smartphones downloading malicious apps. During the summer, the hugely popular online video game Fortnite announced that it would be made available to Android users through the game’s developer website. This raised concerns that requiring users to enable the ‘Unknown Sources’ setting on their device to sideload the app would make Android users vulnerable to attack from malicious third-party applications. However, as 2018 revealed, downloading an app via an official app store doesn’t always guarantee that the file is safe.
In November of this year, more than half a million Android users downloaded and installed malware. This malicious software posed as driving games on Google’s official Play Store. Reports identified at least 13 gaming apps as malicious and found to install spyware on the device. Google have responded and are working to improve its policies to prevent malicious apps getting into their store. However, users must double check before they download games and apps. This is especially important if they are using their device for professional as well as personal reasons.
Looking back and moving forward
2018 was a year full of interesting trends and discoveries. Enterprise mobility certainly isn’t decreasing and cyber security is only becoming more critical to forward-thinking businesses. Corrata’s cutting-edge Mobile Internet Security and Data Usage Control solutions provide comprehensive protection and control for mobile devices. Corrata can guarantee total security, privacy and peace of mind for your business in 2019. Look out for our 2019 predictions coming in the new year. We have a feeling it’s going to be an exciting one!