Cell Phone Cyber Attacks Expected to Rise, Says Report
A new report from Grant Thornton suggests that the new year will see a significant increase in cyber attacks. Almost all of these attacks could be avoided.
Smartphones are increasingly the center of most people’s lives. But as essential as these devices are, we tend to overlook securing them.
A new report from Grant Thornton suggests that the rate of cyber attacks will increase in the new year. “Threat actors are expected to deploy advanced Artificial Intelligence (AI)-led attacks to boost the speed and impact of their campaigns. IoT will throw new challenges to data security,” the report, entitled ‘Cyber Trends in 2019 and Predictions for 2020’, said.
“Cyber attacks are on the rise and will continue to rise. It’s not a matter of if but a matter of when. A framework-driven approach with continuous monitoring will help companies mature their cybersecurity posture and address incidents proactively,” Akshay Garkel, Partner, Cybersecurity & IT Risk Advisory, Grant Thornton India LLP, added.
2019 saw a 54% increase in attacks from 2018. The report argues that 95% of cybersecurity breaches are due to human error. This can be due to a lack of proper hygiene when choosing or changing passwords, device sharing, opening dangerous attachments or visiting dangerous websites, downloading spyware, or failing to use virus-checking software. In 2019, 34% of the reported 4.3 billion records compromised in cyberattacks were breached due to the actions of internal actors.
“Every 14 seconds, a ransomware attack was carried out on companies in 2019, while 71% of reported breaches were financially motivated,” the report states.
Phone hacking is a contentious issue. One way phones are hacked is by using software created for the use of law enforcement. This software exists to counter security measures — such as passwords and fingerprint scans — that would make it difficult for authorities to search a suspect’s smartphone. With most technology vendors taking the side of consumer privacy, these “crowbar” programs offer a de facto backdoor to the phone’s data.
As these software packages are legal, they can be lawfully obtained. In the hands of the wrong people, these programs can be used to copy or erase phone data, install spyware that could capture passwords and emails, or corrupt the phone’s software, making it effectively unusable.
Other phone hacking tactics include phishing, which involves sending a target an email with a link to a website that impersonates a business’s portal. The target is encouraged to log in to the fake portal, not knowing that he/she just shared his/her credentials. Cloning a target’s SIM card also is a preferred method, as it allows hackers the ability to counter more advanced security methods, like multi-stage authentication.
While Google and Apple are good at blocking the latest security vulnerabilities with their operating systems, it is typically easier to hack a phone by exploiting the user’s gullibility. In March 2018, researchers presented their findings on Dark Caracal, a global cyberattack that targeted thousands in over 20 countries. The researchers found that the hackers gained access to their target’s phones by impersonating real apps like WhatsApp and Signal. These trojans were downloaded on non-official third-party websites.
“One of the interesting things about this ongoing attack is that it doesn’t require a sophisticated or expensive exploit. Instead, all Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware,” Electronic Frontier Foundation Staff Technologist Cooper Quintin said. “This research shows it’s not difficult to create a strategy allowing people and governments to spy on targets around the world.”
It is advised that you practice strong cyber hygiene to protect your smartphone. This includes never leaving your phone unattended or lending it to those you do not trust, changing the password regularly and using complex passwords, avoiding connecting to untrustworthy WiFi networks and Bluetooth connections, and protecting PINs, passwords, and credit card information. Other steps that can be taken include not downloading from third-party app sites, turning off the autocomplete feature on your phone, adding a security or antivirus app to your phone, and regularly deleting your phone’s cookies and cache.