How Secure Is Your Smartphone?

Cybersecurity Awareness – By Ron Frechette, The Cyber Coach

When most people think about the potential of having their personal, financial, or business information stolen, they rarely consider their smartphone as a threat vector for cyber criminals.  It is estimated that American adults spend an average of 11 hours per day on their phones. The smartphones of today are much more powerful than the PCs of yesterday.

In today’s Digital Age, most of us use our smartphones as a primary means for conducting both personal and professional business tasks such as on-line banking, shopping, and/or sending client emails that may contain sensitive information.  In our quest to be more efficient, we fail to consider the risks and vulnerabilities smartphones pose for cyber-attacks.

Mobile Device Breaches on the Rise

The number of security incidents involving mobile devices has increased over the past year, simply because we are not protecting our smartphones as well as we do other devices such as PCs and laptops. According to a recent study by Verizon, one in three organizations admitted to suffering a compromise due to a mobile device.  Mobile device manufacturers have, for the most part, done a good job building secure mobile operating systems. That said, as the cyber-criminal landscape continues to increase, so does the risk of cyber-attacks on smartphones.  Let’s examine how hackers are exploiting our mobile devices.

How Hackers are Accessing Mobile Devices

Malware

Malware is making its way onto mobile devices. Like with a PC, you can be tricked into downloading  malware to your mobile device. It’s often disguised as something that would entice you to respond.

Synchronization

PCs view mobile devices as storage device, like a flash drive. When you synchronize your phone with your PC, some types of malware can jump to, or from, your mobile device.

Buffer Overflow Attacks

When a program tries to store more data than it was intended to hold, it overwrites adjacent memory caused by a programming error. A side effect of the error can lead to a common type of security attack. These buffer overflows affect data integrity and/or can lead to privilege escalation or remote code execution attacks on PCs. Buffer overflows are being seen more on mobile devices.

DDoS Attacks

Denial of Service attacks are designed to make computer resources unavailable to their intended users. Again, once focused solely on PCs, we are now seeing this type of attack on smartphones.

SMiShing

SMiShing is basically phishing that can be carried out via text message. Cybercriminals use cell phone text messages to entice you into exposing sensitive information.

7 Steps to Secure Your Smartphone

1.      Password-Protect Your Phone

Use a complex and unique password. A good password mixes letters, numbers, punctuation and special characters.

2.      Set Your Phone to Auto-Lock

Auto-locking will require a password for you to re-enter after a certain amount of time. This feature is imperative in public spaces where many phones look alike and can be accidentally swapped.

3.      Use VPN on Wi-Fi networks

Use a VPN whenever possible, especially in public places that offer free Wi-Fi.

4.      Turn off GPS, Bluetooth and wireless features

Obviously, when you’re not using them. They drain battery life and thieves can pair their Bluetooth device with yours to hack personal information or even track you.

5.      Enable Remote Wiping & Tracking

In the event your phone is stolen, you can remotely lock your phone and even erase its data while the GPS tracks its movement.

6.      Verify Before You Download

Before downloading any apps to your phone, always do a quick search to make sure they come from a legitimate site or publisher.

7.      Conduct Routine Back Ups

Make sure to conduct routine backups on a computer, USB drive or cloud storage service.

In Closing

These best practices will dramatically reduce the risk of your smartphone becoming your worst enemy.  As we enter the summer months, especially in vacation mode,  our cerebral defenses tend to wane as we lie on the beach, listen to music, and sip on our favorite fruity drinks while recklessly swiping and clicking away on our smartphones. Cybercriminals know this and are ready and waiting to strike.

Wishing all a fun, relaxing summer and a safe journey in cyberspace!

GoldSky Security offers small and medium sizes business cybersecurity solutions across the US and currently has offices in Orlando, Denver, Nashville, Phoenix, Tampa  & Washington D.C.

Sources:

https://goldskysecurity.com/dreamsecure-crms/https://www.nist.gov/topics/cybersecurity

https://www.nist.gov/topics/cybersecurity

Questions? Send me a tweet: @GoldSkyRon or email ron.frechette@goldskysecurity.com