An analysis by Skycure of the patch updates among the five leading wireless carriers in the United States found that 71 percent of mobile devices still run on security patches more than two months old.
The company's Mobile Threat Intelligence Report also found that six percent of devices run patches that are six or more months old. Without the most updated patches, these devices are susceptible to myriad of attacks, including rapidly rising network attacks and new malware, also detailed in the report. In tech city centers, Boston topped a list of tech cities with the largest growth in network incidents with a more than 960 percent increase. The report also found that common malware grew by more than 500% from the first quarter to the fourth quarter of 2016.
“Malware, network attacks and advanced exploitation campaigns many times depend on unpatched vulnerabilities to be successful,” said Yair Amit, co-founder and CTO of Skycure. “It’s essential that users and companies know the moment that a device is able to remove these risks to reduce the window of vulnerability. That’s why we built this capability directly into Skycure and why we have a focus so heavily on security research. The only way to beat the bad guys is to be one step ahead of them.”
Wireless Carriers and Vulnerabilities
A huge number of Android vulnerabilities were identified in 2016, rising to more than four times the number in 2015. Almost half of those vulnerabilities allowed excessive privileges, while others allowed other bad effects, like leakage of information, corrupted memory, or arbitrary code execution. Because carriers must make Android patches available to their users before they can patch their devices, Skycure analyzed devices on AT&T, MetroPCS, Sprint, T-Mobile, and Verizon to determine the age distribution of security patches on the leading carriers. According to the report:
- The most recent security patch released by Google has only been adopted by a very small percentage of the devices. Skycure reported that AT&T users were up to ten times more likely to have this latest patch installed.
- Among the five major US carriers, MetroPCS had the highest percentage of devices with patches more than three months old, making their devices the most susceptible to attack.
- Stand-alone protection above and beyond the integrated protections with the EMM
- Among all the major carriers, more than one-third of devices had patches more than three months old. Google releases Android security patches every month, meaning these devices are at least three patches behind, exposing vulnerabilities on these devices ripe for hackers.
Massive Increase in Network Incidents: Tech-center Focus
Skycure also tracked trends in network incidents over 2016. To highlight the rise in risk of network attack for mobile devices, Skycure analyzed network incidents in the major technology centers* of the US over the course of the year. The report found:
- The volume of incidents rose dramatically from the first quarter to the fourth quarter of 2016, ending Q4 with more than three times the number of incidents of Q1.
- Boston had the greatest increase in incidents throughout the year, reaching nearly 11 times the number of incidents from the first to fourth quarter, followed by Chicago, Raleigh-Durham, and Washington DC.
According to the Skycure report, malware has become a popular hacking tool because common types of malware are available for sale to anyone on the Internet. This means that even people with little technical skill can purchase malware and hack mobile devices. The Skycure report details and defines the most common types of malware, and found:
- The most common types of malware are: adware, hidden apps, potentially unwanted apps, riskware, spyware, and trojans.
- The number of these common types of malware grew by more than 500% from Q1 to Q4 of 2016.
- Among the common types of malware, hidden apps ended the year with the fastest growth in 2016.