Mobile security


Mobile security, or mobile device security, is the protection of smartphones, tablets, and laptops from threats associated with wireless computing. It has become increasingly important in mobile computing. The security of personal and business information now stored on smartphones is of particular concern.
Increasingly, users and businesses use smartphones not only to communicate, but also to plan and organize their work and private life. Within companies, these technologies are causing profound changes in the organization of information systems and have therefore become the source of new risks. Indeed, smartphones collect and compile an increasing amount of sensitive information to which access must be controlled to protect the privacy of the user and the intellectual property of the company.
The majority of attacks are aimed at smartphones. These attacks take advantage of vulnerabilities discovered in smartphones that can result from different modes of communication, including Short Message Service, Multimedia Messaging Service, wireless connections, Bluetooth, and GSM, the de facto international standard for mobile communications. Smartphone operating systems or browsers are another weakness. Some malware makes use of the common user's limited knowledge. Only 2.1% of users reported having first-hand contact with mobile malware, according to a 2008 McAfee study, which found that 11.6% of users had heard of someone else being harmed by the problem. Yet, it is predicted that this number will rise. As of December 2023, there were about 5.4 million global mobile cyberattacks per month. This is a 147% increase from the previous year.
Security countermeasures are being developed and applied to smartphones, from security best practices in software to the dissemination of information to end users. Countermeasures can be implemented at all levels, including operating system development, software design, and user behavior modifications.

Challenges of smartphone mobile security

Threats

A smartphone user is exposed to various threats when they use their phone. In just the last two quarters of 2012, the number of unique mobile threats grew by 261%, according to ABI Research. These threats can disrupt the operation of the smartphone and transmit or modify user data. Applications must guarantee privacy and integrity of the information they handle. In addition, since some apps could themselves be malware, their functionality and activities should be limited. Malicious apps can also be installed without the owners' permission or knowledge.
Vulnerability in mobile devices refers to aspects of system security that are susceptible to attacks. A vulnerability occurs when there is system weakness, an attacker has access to the weakness, and the attacker has competency to exploit the weakness.
Potential attackers began looking for vulnerabilities when Apple's iPhone and the first Android devices came onto the market. Since the introduction of apps, which are vital targets for hackers, malware has been rampant. The Department of Homeland Security's cybersecurity department claims that the number of vulnerable points in smartphone operating systems has increased. As mobile phones are connected to utilities and appliances, hackers, cybercriminals, and even intelligence officials have access to these devices.
Starting in 2011, it became increasingly popular to let employees use their own devices for work-related purposes. The Crowd Research Partners study, published in 2017, reports that during 2017, most businesses that mandated the use of mobile devices were subjected to malware attacks and breaches. It has become common for rogue applications to be installed on user devices without the user's permission. They breach privacy, which hinders the effectiveness of the devices.
Since the recent rise of mobile attacks, hackers have increasingly targeted smartphones through credential theft and snooping. The number of attacks targeting smartphones and other devices has risen by 50 percent. According to the study, mobile banking applications are responsible for the increase in attacks.
Malware, such as ransomware, worms, botnets, Trojans, and viruses, has been developed to exploit vulnerabilities in mobile devices. Malware is distributed by attackers so they can gain access to private information or digitally harm a user. For example, should malware breach a user's banking service, it may be able to access their transaction information, their rights to log in, and their money. Some malware is developed with anti-detection techniques, and attackers who use malware can avoid detection by hiding malicious code.
Trojan-droppers can also help malware avoid detection. Although the malware inside a device does not change, the dropper generates new hashes each time. Additionally, droppers can create a multitude of files, which can lead to the creation of viruses. Android mobile devices are prone to Trojan-droppers. Banking Trojans also enable attacks on the banking applications on the phone, which leads to the theft of data for use in stealing money and funds.
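The following added example (not part of the original article) shows in Python why a blocklist of whole-file hashes misses a re-wrapped dropper while hashing each unpacked entry still matches the unchanged content. The package layout, entry names, payload bytes and blocklists are constructed for illustration; the only format assumption is that Android packages are ZIP archives.

```python
import hashlib
import io
import os
import zipfile

MAX_ENTRY_BYTES = 16 * 1024 * 1024  # skip oversized entries (zip-bomb guard)

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_package(entries: dict) -> bytes:
    """Build an in-memory ZIP (APK files are ZIP archives) from name -> bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
    return buf.getvalue()

def scan(package: bytes, bad_files: set, bad_entries: set) -> dict:
    """Match the whole-file hash, then the hash of each unpacked entry."""
    result = {"file_match": sha256(package) in bad_files, "entry_matches": []}
    try:
        with zipfile.ZipFile(io.BytesIO(package)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_ENTRY_BYTES:
                    continue
                if sha256(zf.read(info)) in bad_entries:
                    result["entry_matches"].append(info.filename)
    except zipfile.BadZipFile:
        result["error"] = "not a valid archive"
    return result

# Constructed, inert sample data: the same embedded content wrapped twice
# with different entry names and random padding, plus one benign package.
PAYLOAD = b"constructed inert marker standing in for an embedded payload"
SAMPLE_A = build_package({"assets/a.bin": PAYLOAD, "res/pad": os.urandom(64)})
SAMPLE_B = build_package({"lib/b.dat": PAYLOAD, "res/pad": os.urandom(64)})
BENIGN = build_package({"classes.dex": b"constructed benign content"})

# Blocklists as an analyst would hold them after seeing only SAMPLE_A.
BAD_FILES = {sha256(SAMPLE_A)}
BAD_ENTRIES = {sha256(PAYLOAD)}

if __name__ == "__main__":
    for name, pkg in [("A", SAMPLE_A), ("B", SAMPLE_B), ("benign", BENIGN)]:
        print(name, sha256(pkg)[:16], scan(pkg, BAD_FILES, BAD_ENTRIES))
```

Per-entry hashing only helps while the embedded content is stored unmodified; content that is encrypted or altered per sample needs behavioural or structural detection instead.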
Jailbreaks for iOS devices work by disabling code signing on iPhones so that applications not downloaded from the App Store can be run. In this way, all the protection layers offered by iOS are disrupted, exposing the device to malware. These outside applications don't run in a sandbox, which exposes potential security problems. Some attack vectors change the mobile devices' configuration settings by installing malicious credentials and virtual private networks to direct information to malicious systems. In addition, spyware can be installed on mobile devices in order to track an individual.
Triada malware comes pre-installed on some mobile devices. In addition to Haddad, there is Lotoor, which exploits vulnerabilities in the system to repackage legitimate applications. The devices are also vulnerable due to spyware and leaky behaviors through applications. Mobile devices are also effective conveyance systems for malware threats, breaches of information, and thefts.
Wi-Fi interference technologies can also attack mobile devices through potentially insecure networks. By compromising the network, hackers are able to gain access to key data. Devices connected to public networks are at risk of attacks. A VPN, on the other hand, can be used to secure networks. As soon as a system is threatened, an active VPN will operate. There are also social engineering techniques, such as phishing, in which unsuspecting victims are sent links to lead them to malicious websites. The attackers can then hack into the victim's device and copy all of its information.
Some mobile device attacks can be prevented. For example, containerization allows the creation of a hardware infrastructure that separates business data from other data. Additionally, network protection detects malicious traffic and rogue access points. Data security is also ensured through authentication.
There are a number of threats to mobile devices, including annoyance, stealing money, invading privacy, propagation, and malicious tools. There are three prime targets for attackers:
  1. Data – Smartphones are devices for data management and may contain sensitive data like credit card numbers, authentication information, private information, and activity logs.
  2. Identity – Smartphones are highly customizable, so the device or its contents can easily be associated with a specific person.
  3. Availability – Attacking a smartphone can limit or deprive a user's access to it.
Attacks on mobile security systems include:
  • Botnets – Attackers infect multiple machines with malware that victims generally acquire via e-mail attachments or from compromised applications or websites. The malware then gives hackers remote control of "zombie" devices, which can then be instructed to perform harmful acts.
  • Malicious applications – Hackers upload malicious programs or games to third-party smartphone application marketplaces. The programs steal personal information and open backdoor communication channels to install additional applications and cause other problems.
  • Malicious links on social networks – An effective way to spread malware where hackers can place Trojans, spyware, and backdoors.
  • Spyware – Hackers use this to hijack phones, allowing them to hear calls, see text messages and e-mails, and track a user's location through GPS updates.
The sources of these attacks are the same actors found in the non-mobile computing space:
  • Professionals, whether commercial or military, who focus on the three targets mentioned above. They steal sensitive data from the general public, as well as undertake industrial espionage. They will also use the identity of those attacked to achieve other attacks.
  • Thieves who want to gain income through data or identities they have stolen. The thieves will attack many people to increase their potential income.
  • Black hat hackers who specifically attack availability. Their goal is to develop viruses and cause damage to the device. In some cases, hackers have an interest in stealing data on devices.
  • Grey hat hackers who reveal vulnerabilities. Their goal is to expose vulnerabilities of the device. Grey hat hackers do not intend to damage the device or steal data.

Consequences

When a smartphone is infected by an attacker, the attacker can attempt several things:
  • The attacker can manipulate the smartphone as a zombie machine: a machine with which the attacker can communicate and send commands which will be used to send unsolicited messages via SMS or email.
  • The attacker can easily force the smartphone to make phone calls. For example, one can use the API PhoneMakeCall by Microsoft, which collects telephone numbers from any source and then calls them. The attacker can use this method to call paid services, resulting in charges to the smartphone owner. Dangerously, the smartphone could call and disrupt emergency services.
  • A compromised smartphone can record conversations between the user and others and send them to a third party. This can cause user privacy and industrial security problems.
  • An attacker can also steal a user's identity and thus impersonate the owner. This raises security concerns in countries where smartphones can be used to place orders, view bank accounts, or serve as an identity card.
  • The attacker can reduce the usability of the smartphone, by discharging the battery. For example, they can launch an application that will run continuously on the smartphone processor, requiring a lot of energy and draining the battery. Frank Stajano and Ross Anderson first described this form of attack, calling it an attack of "battery exhaustion" or "sleep deprivation torture".
  • The attacker can make the smartphone unusable. This attack can delete the boot scripts, resulting in a phone without a functioning operating system; modify certain files to make it unusable, such as a script that launches at startup that forces the smartphone to restart; or embed a startup application that will empty the battery.
  • The attacker can remove the user's data, whether personal or professional.