In January 2020, the United Nations released a dynamite report. It alleged that the personal smartphone of Amazon boss Jeff Bezos had been hacked by Saudi Arabian crown prince Mohammed bin Salman. According to the findings, a booby-trapped MP4 file arrived on Bezos’s iPhone via a WhatsApp message from the prince, covertly downloaded spyware, and began exfiltrating hundreds of megabytes of data. All of which begs the question, if the richest person in the world can have his phone hacked, how secure are the devices used by your corporate executives?
Fortunately, most mobile cyber-espionage threats aren’t nearly as sophisticated. But they are on the rise. Tackling them will require a considered approach combining a best practice blend of people, process and technology.
Spying goes mobile
Customer data has always been in high demand on hacking forums and dark web marketplaces, where it’s usually snapped up by scammers to use in follow-on identity fraud. Despite the advent of rigorous new data protection regulations such as the EU’s GDPR and CCPA in the US, activity in this area appears undimmed, for now. However, cyber-espionage is typically a more sophisticated marketplace where specific organisations are targeted for high-value internal data that could give rivals a competitive advantage or be used to commit stock market fraud.
While desktop, on-premises infrastructure in large organisations is relatively well protected, the same isn’t always true of the mobile ecosystem. From 2015 to 2019, Trend Micro observed a 1400% increase in mobile cyber-espionage campaigns targeting multiple platforms, operating systems and countries. Some are the work of state actors while others are down to financially motivated cyber-criminals. The bad news is that organised cybercrime groups traditionally associated with desktop attacks are increasingly scrutinising mobile channels to further their goals.
Taking everything
Android remains the most commonly targeted ecosystem, as its relatively open approach means malicious

View Entire Article on