Check Point is an international cyber security vendor that shares reports and white papers every so often. I took a look at their Mobile Threat Research Report, which alarmingly states:
MOBILE CYBERATTACKS IMPACT EVERY BUSINESS
in big capital letters, then tells us
EVERY ENTERPRISE HAS EXPERIENCED A MOBILE ATTACK. THEY JUST DON’T KNOW IT.
Obviously Check Point has a vested interest in raising the alarm, but I tried to look beyond that to see what useful information was in the report. Here are three things I learned.
1. Most of the malware spotted proved to be auto-dialers on the phones of government employees
It is not clear why government employees would be so prone to installing software which creates premium rate calls and text messages without the owner’s knowledge. Do governments have lax security policies? Do they never query their phone bills? Nevertheless, 43 percent of all the rogue dialing software identified was found on phones that are supposed to be used for government affairs.
2. Telcos are attacked less than other types of industry
Per Check Point’s data, 8 percent of mobile malware attacks were suffered by telcos. This compares to 29 percent for the financial sector, 26 percent for government and 18 percent for tech firms.
3. Three-quarters of all organizations had a jailbroken or rooted device on their network
It is more likely that malware will find a home in a jailbroken iOS device or a rooted Android device. Check Point also observed that the average was 35 jailbroken or rooted devices per organization. However, the value of this latter information was undermined because Check Point did not advise how many other devices were connected, so we have no way of telling if they size of the typical business covered by the research was large or small.
Conclusions
The report preferred to focus on scary headlines and offered little supporting detail. As such, it is difficult to validate the authors’ interpretation of the data they gathered.
The paucity of detail is illustrated by the report’s regional analysis, which divided the world into just three regions: the Americas, EMEA and APAC. I do not expect Nigerian fraudsters to be doing the same things as Dutch fraudsters, and nor would I expect the malware attacks commonly found in India to be the same as those which trouble the Japanese.
More geographical granularity would have helped to establish which issues are truly global, and which were specific to particular places and organizations. For example, the high propensity of auto-dialers amongst government employees might be caused by particular problems with the government of one large country, and this could have skewed the sample.
The report also suffered because there was very little analysis of data between categories. For example, the report would tell us that 44 percent of remote access trojans were found on phones used by employees of the financial sector, but not how many trojans there were compared to other categories of malware.
The report contains some alarming claims, but barely mentions how the evidence was gathered. You may want to use this report for quick attention-grabbing stats. However, if you were challenged to provide evidence or detail then the report will not help you.
The Check Point Mobile Threat Research Report can be obtained by registering for a copy here.