Top Mobile Threats and Consumer Concerns
Mobile consumers continue to be the fastest growing group and online, and we asked 10,000 people of all ages and backgrounds what they were most concerned about. Across this diverse group, the message is clear.
- App makers have the duty to protect: Before the onus was on consumer to protect apps and themselves. Now, consumers are saying more than ever, they expect app makers to protect apps.
- The expected level of protection is higher. It’s no longer about basic issues, but advanced problems like malware.
As seen below, regardless of generation and all mobile threats, consumers fear local, on-device threats more than network based threats. Of the on-device threats, malware related threats are of greatest consumer concern, for example, theft from malware and malware trojans.
Malware Trends and Costs
Reports show that malware reached 43M at the end of 2020, with over three million of these detections being new.
The malware attacks can cost millions. Malware attacks in 2019 cost the average US company an average of $2.4 million per year.
These malware attacks take time to address and recover from. Hacking statistics show that the average recovery time for a business or individual from a malware attack can be 50 days.
Fraud and Security Vulnerabilities by Industry
As hackers and fraudsters have evolved, they have become more targeted, increasing their efficacy at attacking multiple companies within an industry.
In mobile banking, there have also been dramatic increases in specialized trojans, such as remote access trojans and mobile banking trojans – up 173%. For example, the GNIP banking trojan pretended to be a Covid-19 contact tracing app. In reality it was getting victims to provide their bank card details.
In retail, mobile fraud costs $100M/year, according to Lexis Nexus. During peak coronavirus months, mobile click fraud increased 62 percent, according to research that looked at more than 1.8 billion clicks across 5,000-plus online ad accounts in 78 countries. Search spend is vital for advertisers, including online retailers. But much of the spend is wasted on invalid clicks and carried out on mobile devices.
Healthcare records are a lot valuable because of the personal information they contain. According to a recent Trustware report, on the dark web, healthcare records are worth up to $250 per record, as opposed to $5.40 for a credit card number. Ransomware attacks on healthcare organizations continue to grow with enormous costs. We’ll discuss why mobile apps are the weak link in ransomware in the next section.
Top Mobile Threats: Malware Types and Consumer Concerns
A mobile trojan deceives the user into thinking that the program is useful or beneficial to them in some way. But in reality, the program performs actions that harm the user or exploits the user or app to harm other apps or services. Social engineering is often used to spread the use of trojans.
RATs are a specific type of trojans that provides attackers with remote control. Many trojans recently have been designed to install backdoors for adversaries that serve as a ‘way in’ to gain access to an otherwise protected or restricted environment at a later date. Trojans allow an attacker to access users’ personal information such as banking information, passwords, intercept MFA pin codes, or authentication tokens or cookies that can be used in account takeovers. One of the most recent, infamous examples of RATs is Pegasus, a trojan used to monitor journalists and activists.
In terms of ransomware, the mobile app is the weak link. In order for a mobile app to connect to a mobile backend, that app has to contain very valuable network information. That network information includes SSL certificates, API information, server addresses, usernames and passwords. When this network data is not well protected, bad actor can harvest this data and then gain unauthorized access to a hospital or other organization’s backend servers. Once inside, fraudsters can install malware to be used in a ransomware attack.
Current Approaches to Mobile Threats and Consumer Concerns
Endpoint Security products are often focused company issued phones or devices only. Vendors in this space are also focused on addressing security issues or attacks, not abuses or misuses of the app. Hence organizations needing mobile fraud prevention will have to look at another product, in addition to Endpoint Security.
While the Fraud Prevention market has been focused on identifying fraud, once fraud has been identified, the damage is done. Questions I got all the time as co-creator of a fraud monitoring product: (1) can you stop the fraudulent transaction from executing (2) can you stop the fraudster from onboarding? What people were really asking me was: can you stop the fraud from happening in the first place?
The next question I’d get: how do I know if an event is without question related to fraud? In reality, an event with a high threat score doesn’t mean that fraud actually occurred. For companies with fraud monitoring tools, people may dealing with a lot of false positives, wasting internal resources. False positives can mean friction for the customer and delays in the customer experience- because customers have to deal with being flagged for fraud. For example, some tools block traffic at the network level or dynamically introducing CAPTCHA-type challenges. Both tactics slow down good customers.
Network Traffic Monitoring and AI
These tools may have sophisticated AI based tooling to look at patterns in traffic. But the focus, like fraud monitoring is on identifying the security issue or fraud, which is too late.
Some of these solutions are designed to protect networks and network resources first. While the fraud is occurring and the system is learning, mobile end users are being impacted by the fraud. When a bad act is identified, the systems enforces protections against the fraud, but these enforcement points normally include blocking network traffic. Even though the network is protected, the mobile end user and app remain at risk.
SDKs and Manual Coding
By far, the most common approach we hear of is manual coding or using SDKs. While SDK vendors might say you just have to add one line of code, there are a number of hidden costs associated with that line of code. Those hidden costs include implementation, trouble shooting, time and opportunity, update and delay costs. Underlying all these costs is the hidden complexity of mobile apps. First, many app makers are focused on developing new features for users, as they should be. Not keeping up with the nuances of every combination of OS, development framework, and security feature. On top of that, iOS and Android are changing continuously, resulting in multiple releases for app makers per year for each new OS, app and SDK. Each new rev of iOS or Android means new development, new testing and troubleshooting.
Appdome Approach to Mobile Threats and Consumer Concerns
With Appdome, organizations can address the complexities of protecting from hackers and fraudsters in ways other solutions don’t offer. Beyond simple security basics, Appdome provides protection from malware. Appdome also provides different ways to respond, from having the app shut itself down to protect itself, to passing the event back to the app or to an external threat response system to enforce. Appdome gives developers the flexibility to enforce the corrective action that fits their specific use case or threat response model. Furthermore, with hackers ever-evolving, the attack surfaces ever-expanding, addressing the threat from external forces can be daunting. Finally, Appdome focused on stopping fraud from happening in the first place, as opposed to waiting for the fraud to happen when the damage has been done.
With Appdome, organizations can automate the process of protecting from hackers and fraudsters. Instead of waiting until the end of app development, you can code in security and fraud prevention at any time in your development process with a few simple clicks. No need to code. No SDK.
With Appdome, companies choose the security features they need for a release (and only those features) through a GUI or API. Also, organizations are using security best practices in a workflow used by the largest companies in the world with hundreds of releases each year. This workflow is so flexible that enables disparate, global dev, security ops teams to work together in a coordinated way that releases secure apps on time.
To embrace mobile DevSecOps and effectively protect from security vulnerabilities and fraud, the entire organization must adhere to new, rapid release processes that meld the different disciplines, development, security and operations, into one continuous workflow. In the new DevSecOps workflow, (a) actions are held by the group most capable of completing them, and (b) each group is accountable, transparent and, for its part, deliver with certainty in the release process. Appdome comprehensively protects from jailbreak and rooting at the same time it enables each group in the organization to deliver its part with certainty in the release process.
To see Appdome in action, click here for a demonstration.