While artificial intelligence (AI) is becoming an integral part of business operations in myriad market segments around the globe, security applications have been slower to adopt it into the mix. However, the added health risks organizations now face from COVID-19 have forced both security solutions providers and users to rethink how AI can help mitigate those risks.
The Synopsys Cybersecurity Research Center (CyRC) analyzed more than 3,000 popular Android applications to assess the state of mobile app security during the COVID-19 pandemic. The study targeted the most downloaded and highest grossing apps across 18 categories, many of which have seen explosive growth during the pandemic.
As more people turn to their cellphones for news and information, there becomes an increased need to develop innovative alerts and warning applications (apps). These apps notify the public of a current or imminent event or disaster and provide the public with any necessary actions to keep citizens safe. The latest National Emergency Communications Plan (NECP) Spotlight highlights the successful use of these apps in real-life scenarios across the United States and demonstrates how the NECP’s recommendations promote the development and adoption of new technologies that enhance communication capabilities.
New Lookout Threat Report: 70% of government-focused mobile phishing attacks sought to steal credentials in 2020.
February 24, 2021
Lookout Inc. released its Government Threat Report, which examines the most prominent mobile threats affecting federal, state and local governments in the United States. Lookout data reveals that U.S. government organizations are increasingly targeted by credential stealing mobile attacks and exposed to hundreds of vulnerabilities from outdated operating systems and risky apps.
Lookout, Inc. announced the discovery of two novel Android surveillanceware, Hornbill and SunBird. The Lookout Threat Intelligence team believes these campaigns are connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well as file and directory listings. The surveillanceware targets personnel linked to Pakistan’s military and nuclear authorities and Indian election officials in Kashmir.
As 5G technology continues to be rolled out worldwide—providing latency of a mere 1 millisecond—it is critical that information security professionals become familiar with 5G system architecture and security architecture, as well as the risks that come with implementing new cellular technologies. ISACA’s new white paper, 5G Security: Addressing Risk and Threats of Mobile Network Technologies, explores these topics, and compares 5G technology with 4G and previous generation cellular technologies.
In spite of the fact that mobile apps live on IoT-enabled devices, collect user data, and continuously loop communication between Internet, cloud services and companies (even when not “in use”), there is a limited view that they are different entities altogether. We see this particularly when it comes to security – or lack-there-of – regarding security standards in place to continuously protect users from detrimental application hacks.
As organizations continue to adapt to life in the age of COVID-19, smartphones are set to take on additional responsibilities – even as the security limitations of these devices become ever more evident. Below, I’ve highlighted five key trends that are set to shape mobile security in 2021.