September 15, 2019

September 13, 2019

Subscribe to Latest Legal News and Analysis

Research Reports Say Risks to Smartphone Security aren't Phoney

Beware! Your favourite apps may be putting your phone and data at risk. Reports from Allot and BitSight have examined rising threats to the security of our mobile devices.

BitSight reviewed over 1,000 companies and 10,000 apps in the business services, finance, technology, education and media/entertainment sectors with apps on iOS and Google Play, to uncover which industries were most often faced with app security challenges. The apps were tested for known security vulnerabilities and issues, such as data leakage, privilege abuse, unencrypted personal information and credential theft.

Media and entertainment companies had the highest percentage of apps that failed high severity tests (over 50%!) Over 30% of education companies, and 25% of finance companies offered risky mobile apps, which could place student data and financial information at risk of unauthorised access.

The most common vulnerability in business services and education apps that failed vulnerability testing was not encrypting end-user data (which includes your phone’s IP address). Over 10% of media/entertainment and education apps that failed were not encrypting end-users’ location data, and over 30% were not encrypting users’ device IDs.

On the other hand, Allot analysed the “threat landscape” which has seen cybercrime become a global “industry”. Over four months, Allot collected data from four mobile operators in Europe and Israel, who protect over 7 million subscribers. During this period, they found 1.73 billion mobile protections were activated, an average of 2 protections activated per user per day! Most commonly blocked threats included adware (over 100 million activated protections) and cryptojacking – cryptomining malware, with almost 1 billion activated protections. A spike in cryptomining malware coincided with the increased interest in cryptocurrencies.

With the number of smartphone subscriptions now at 2.6 billion globally, cybercrime targeting our mobiles is only likely to increase. This evolving threat landscape requires both companies and users to employ adequate security measures to protect their technologies.

Copyright 2019 K & L Gates

TRENDING LEGAL ANALYSIS


About this Author

Rob Pulham, KL Gates, Corporate technology requirements lawyer, contracts drafting attorney
Senior Associate

Mr. Pulham is a corporate and commercial lawyer. His practice includes advising clients in managing their technology requirements and contracts (including drafting, review and negotiation of contracts for the provision of technology products and services), providing advice regarding privacy, data protection and copyright law, marketing and advertising, website content and general commercial intellectual property advice.

Mr. Pulham's experience includes having worked for leading technology suppliers, large Australian financial institutions, and...

61-3-9640-4414
Warwick Andersen Technology Lawyer KL Gates
Attorney

Mr. Andersen is a senior corporate lawyer with a focus on commercial, technology and sourcing projects. He has advised on large scale outsourcing projects, technology agreements for both vendors and customers, corporate support, privacy and telecommunications regulatory work. He has acted for government departments, large listed companies, telecommunications companies and technology suppliers.

+61-2-9513-2508