Minimize your digital risk by detecting data loss, securing your online brand, and reducing your attack surface.
A powerful, easy-to-use search engine that combines structured technical data with content from the open, deep, and dark web.
Digital Risk Protection
Read our new practical guide to reducing digital risk.
New report recognizes Digital Shadows for strongest current offering, strategy, and market presence of 14 vendors profiled
Read Full Report
The UK’s National Cyber Security Centre (NCSC) and the National Crime Agency (NCA) released a joint paper on the cyber threats to UK businesses on March 14th. This paper can be seen as an authoritative voice with regards to the “state of the nation” and cyber threats to UK corporations.
While much of the media response to the paper focused on one part of the document which discussed threats from ransomware and connected devices, another section of the paper examined the emerging threat from malicious mobile applications. The paper assessed that at the time of writing, while there had been no reported cases of mobile malware being used in an attack to pivot into a corporate enterprise network, it is a growing threat and overall attacks involving mobile malware have increased in volume and sophistication. The increasing speed, power, and storage capabilities of mobile devices means they are used more frequently for activities previously conducted on other platforms, such as laptops or PCs. Mobile devices are considered to be highly lucrative and viable targets to threat actors.
Three prominent trends were identified in the cyber threat report:
In recognition of the growing nature of mobile threats, Digital Shadows has recently extended its SearchLight digital risk management service to focus on Mobile Application Monitoring. The wide range of threats detected includes:
By identifying these threats, organizations can protect themselves from potential theft of intellectual property, mitigate against brand misuse and prevent subsequent reputational damage. Organizations without mobile applications or use of SMS communication are still considered to be at risk of threat actors developing malicious and illegitimate applications, or targeting their customers with SMishing attacks.
To mitigate this threat it’s important to improve education around mobile applications risks. This includes the risk of purchasing from third-party stores, downloading cracked versions of applications, and granting requests for intrusive permissions and privileges all increase risks to end users. Organizations should ensure that operating systems are up to date, helping to prevent against the exploitation of vulnerabilities by threat actors.
Mobile devices and applications have been described as the “new battleground” in digital risk and security. Therefore, all mobile users should benefit from knowing what threats are lurking over the horizon.