June 3, 2020

June 02, 2020

Subscribe to Latest Legal News and Analysis

June 01, 2020

Subscribe to Latest Legal News and Analysis

Research Reports Say Risks to Smartphone Security aren't Phoney

Beware! Your favourite apps may be putting your phone and data at risk. Reports from Allot and BitSight have examined rising threats to the security of our mobile devices.

BitSight reviewed over 1,000 companies and 10,000 apps in the business services, finance, technology, education and media/entertainment sectors with apps on iOS and Google Play, to uncover which industries were most often faced with app security challenges. The apps were tested for known security vulnerabilities and issues, such as data leakage, privilege abuse, unencrypted personal information and credential theft.

Media and entertainment companies had the highest percentage of apps that failed high severity tests (over 50%!) Over 30% of education companies, and 25% of finance companies offered risky mobile apps, which could place student data and financial information at risk of unauthorised access.

The most common vulnerability in business services and education apps that failed vulnerability testing was not encrypting end-user data (which includes your phone’s IP address). Over 10% of media/entertainment and education apps that failed were not encrypting end-users’ location data, and over 30% were not encrypting users’ device IDs.

On the other hand, Allot analysed the “threat landscape” which has seen cybercrime become a global “industry”. Over four months, Allot collected data from four mobile operators in Europe and Israel, who protect over 7 million subscribers. During this period, they found 1.73 billion mobile protections were activated, an average of 2 protections activated per user per day! Most commonly blocked threats included adware (over 100 million activated protections) and cryptojacking – cryptomining malware, with almost 1 billion activated protections. A spike in cryptomining malware coincided with the increased interest in cryptocurrencies.

With the number of smartphone subscriptions now at 2.6 billion globally, cybercrime targeting our mobiles is only likely to increase. This evolving threat landscape requires both companies and users to employ adequate security measures to protect their technologies.

Copyright 2020 K & L Gates


About this Author

Rob Pulham Corporate Attorney K&L Gates
Special Counsel

Rob Pulham is an experienced corporate advisory and transactional lawyer with an active technology and privacy practice representing companies in the energy, manufacturing, mining, retail, health and financial services sectors, as well as government and not for profit organisations. He has extensive experience advising customers and vendors in the technology industry, with particular focus on software licensing, data privacy and protection, and systems integration projects. In his role as a senior corporate lawyer, Mr. Pulham reviews organisational policies and practices...

Warwick Andersen Technology Lawyer KL Gates

Mr. Andersen is a senior corporate lawyer with a focus on commercial, technology and sourcing projects. He has advised on large scale outsourcing projects, technology agreements for both vendors and customers, corporate support, privacy and telecommunications regulatory work. He has acted for government departments, large listed companies, telecommunications companies and technology suppliers.