Mobile Threats Lurking Around Every Corner

Risk of Attack Increases Every Month According to Mobile Threat Intelligence Report

On the eve of Halloween, Skycure, the leader in mobile threat defense, announced the results of its first Mobile Threat Intelligence Report, which found an increase in threats to both enterprise and personal mobile devices. By analyzing worldwide mobile data from Skycure and outside sources, the report found 41 percent of mobile devices are at medium to high risk on the Skycure risk scale. Nearly two in every hundred are high risk devices–already compromised or were under attack. Skycure ranks devices according to a proprietary Mobile Threat Risk Score, which takes into account recent threats the device was exposed to, device vulnerabilities and configuration, and user behavior.

Risks increase over time, according to the study. In one month, about 22 percent of devices will encounter network threat, with that number jumping to 40 percent over the following three months. The majority of devices are not equipped to fight these threats. The report reviewed data from devices with Skycure either installed by enterprises on employees’ mobile devices or by security-aware consumers. Despite these protections, the report found that the majority (over 52 percent) of all devices do not even have a simple passcode enabled, and 30 percent of devices were running an out of date operating system.

To compile the Mobile Threat Intelligence Report, Skycure reviewed worldwide threat Intelligence data based on millions of monthly security tests from July through September 2015, including both consumer devices and devices under management in enterprise organizations. Data includes Skycure’s proprietary Mobile Threat Risk Score which acts as a credit score to measure the risk of threat exposure for mobile devices. For organizations, Skycure condenses millions of data points to calculate a risk score so that IT can quickly discern the state of the overall system and the risk to each device.

With more than two billion smartphones in the world, the attack surface is massive and tempting to cyber criminals. Billions of devices are at risk for attack, but the human factor may be the weakest link.

The report found that :

• The majority (52 percent) of devices do not have any type of passcode enabled, including alphanumeric, biometric, and swipe codes
• One in three Android devices is still vulnerable to one of the recent high-profile Android attacks, with an out-of-date operating system (ie. the most recent major version)
• Twenty-six percent of iOS devices also have an out-of-date operating system
• Enterprise-managed devices remove some of the risk. More than five times more personal Android devices are rooted than enterprise-managed devices. The report found very few jailbroken iOS devices in enterprises. Rooting or jailbreaking a device removes most of the inherent security features of the operating system

Mobile devices are under constant threat of attack. The report found that devices encounter threats on a daily basis and many have already been infected. Android devices are at particular risk based on user behavior.

• Nearly three percent of Android devices are infected with malicious apps with medium to high severity
• More than one in four (27 percent) Android devices has third-party app installation enabled, meaning that it can install apps outside of the official Google Play store. Interestingly, 33 percent of enterprise-managed devices have this possible vulnerability enabled versus 20 percent of personal devices because some enterprises use it to install third-party enterprise apps.
• More than 15 percent of Android devices have USB debugging enabled, an easy way for a malware application to make it to the mobile device from a computer

“Threats to mobile devices are real and based on what we’re seeing in this report people aren’t doing enough to protect themselves,” said Adi Sharabani, CEO of Skycure. “Skycure brings invisible mobile threats to the surface, so that enterprises can fight the bad guys on a level playing field.”

[su_box title=”About Skycure Mobile Threat Risk Score” style=”noise” box_color=”#336588″]Factors that affect the risk score include recent threats the devices were exposed to, device vulnerabilities and configuration as well as user behavior. Rankings of High, Medium, Low, and Minimal risk are calculated based on the number, significance, and recency of factors and assigned to the device in real-time.[/su_box]

[su_box title=”About Skycure” style=”noise” box_color=”#336588″]Skycure is a mobile threat defense company that detects and prevents cyber attacks without compromising the mobile user experience or privacy. Skycure’s predictive technology leverages massive crowd knowledge to proactively identify threats and secure mobile devices. Skycure’s founders, Adi Sharabani and Yair Amit, have identified some of the most-discussed mobile device vulnerabilities of the past few years. The company has offices in Silicon Valley, Tel Aviv, and Ottawa, and is backed by Pitango Venture Capital, Shasta Ventures, New York Life, Mike Weider, Peter McKay, and other strategic investors.[/su_box]