What you need to know:
-
Users are 6-10 times more likely to fall victim to an SMS phishing attack than an email attack
-
90% of successful cyberattacks and as many as 70% of successful data breaches originate at endpoint devices
-
Over half of all companies (62%) have experienced a breach that was at least partially attributable to remote working in the past three years
BASKING RIDGE, NJ – Today Verizon Business released the 2023 Mobile Security Index (MSI) report. This year’s report is the sixth publication, and presents the top threats seen in securing mobile devices. With insights from Verizon’s partners Akamai, Fortinet, Lookout, Allot, IBM, Proofpoint, Check Point and Ivanti, it provides insights and best practices to help organizations achieve flexibility and security across business practices.
As we’ve seen, reliance on multiple mobile devices compounded by the multitasking that often comes with mobile use is an ultimate threat for organizations. With 61% of CISOs, and 53% of CEOs surveyed believing that their organization is unprepared to cope with a targeted cyberattack in the next 12 months – striking a balance between user experience, privacy and cost is key.
Impact Across Business
Bring-your-own-device (BYOD) policies, hybrid working and the proliferation of Internet of Things (IoT) have multiplied the scale and complexity of protecting endpoints. This ultimately affects the business, its employees, shareholders and customers. That helps explain why over a third (34%) of users have fallen for one of the five following basic security errors.
-
Clicking a phishing link (18%)
-
Downloading malware from smish (SMS phishing) (13%)
-
Downloading malware generally (11%)
-
Giving personal information to a scammer (9%)
-
Giving a password to an untrustworthy source (8%)
“A lack of understanding of the potential consequences combined with the blurring of boundaries between home and work make a dangerous combination,” said Mike Caralis, Vice President of Business Markets at Verizon Business. “Cyber crime is getting more sophisticated by the years, and it doesn’t always come in the form that you’d expect.”
AI as a Challenge for Cybersecurity
The recent growth of generative artificial intelligence (AI) has proven to be a cybersecurity challenge. Anyone with internet access can create a deep fake image or video. Attackers are exploiting this technology to make phishing attacks even more effective.
Just a sample of someone’s voice is enough to create a believable impersonation of their voice. That online video interview with the CEO could very easily be turned into a convincing voicemail instructing an employee to change the payment details of a large supplier or reset credentials to an important system.
Securing IoT devices is one of the most challenging aspects of mobile device security. Attacks targeting IoT devices are rapidly evolving among cybercriminals as:
-
The number of devices grows—making the devices an appealing target as an attack vector
-
The power of devices increases—making them a potential vehicle for attacks (such as part of a botnet used to carry out a distributed denial-of-service attack)
-
The applications become more mission-critical—making the devices themselves targets
Home Wi-Fi
According to the whitepaper, a staggering 71% of users don’t change the default password on their home Wi-Fi. Nearly a third (28%) don’t password-protect their home Wi-Fi at all.
Public Wi-Fi
The vast majority (90%) of remote workers access corporate resources from locations other than their home—the average is five different locations. This can expose the organization to additional security risks.
Solutions
As technology evolves so does risk. Mobile and tech security has become an essential business priority.
Read the Verizon 2023 Mobile Security Index, and learn suggested best practices your organization can implement. If you’re interested in learning more, here you will find information about Verizon’s 5-step Social Engineering Defense plan, customizable for your organization’s needs.