Every year we become more mobile-centric, and during 2020 the pandemic accelerated that growth. At the same time, attacks on mobile devices are increasing and are often very different from those seen in the desktop world. News of new mobile threats is a regular occurrence and will only become more frequent. But that is not the only mobile security issue we face.
It’s Not Just Phones
Along with the growth in use of mobile phones comes an increased demand for mobile apps. 218 billion apps were downloaded in 2020, and more than $240 billion was spent in app stores worldwide.
You might think that as long as you make sure all your employees are careful about the apps they download to business or BYOD devices, that is the full extent of your business risk when it comes to mobile devices. But if you publish your own app, a significant portion of your enterprise’s overall attack surface exists beyond the firewall; can you be sure that your security teams have the visibility they need into this area? There is some reassurance in that you own and manage these apps and so have some control over them. But what if you don’t?
Threat actors take advantage of people’s inherent trust in apps (unlike phishing emails, about which many people are sceptical) to produce “rogue apps”. Rogue apps mimic well-known brands or banks, or otherwise purport to be something they are not (think of a fake World Health Organisation app), and are purpose-built to fool customers and users into downloading them. They can look very authentic and often fool people who consider themselves tech savvy. Some have even made their way into the major app platforms run by Google and Apple.
When an unsuspecting user downloads one of these malicious apps, the threat actors phish them for sensitive information or load malware onto their devices, causing all sorts of trouble for the user.
And that app had YOUR name on it!
We have all seen the reputational damage suffered by an organization associated with a data breach. At least in that case the organization has business security plans that can kick in. With a copycat app, you don’t even own or manage the app that is doing the damage. It’s a consumer trust nightmare.
Even though your organization doesn’t own the rogue app, it is still part of your attack surface because it leverages YOUR branding and targets YOUR prospects, customers, and employees. This is not an area many security teams are looking at, yet it is vital that such apps are detected and addressed. Doing so means extending security and IT protection outside the firewall, which requires mapping billions of relationships between the internet components belonging to every organization, every business, and every threat actor on Earth. That is a big ask.
Enterprises need to prepare for this reality. They need to be able to discover unknowns across their attack surface and investigate threats to their organization. They need Attack Surface Management.
RiskIQ leverages daily scans of nearly two billion resources to look for mobile apps in the wild. Every app encountered is downloaded, analysed, and stored so that changes and new versions are recorded. RiskIQ’s Attack Surface Management platform provides both detection data on these malicious apps and tips for spotting them.