news_coverage_icon

Media Coverage Archive

SecurityInfoWatch | BY Steve Lasky
Wednesday | December 27, 2017
As the New Year approaches, we wondered what industry experts consider the top-of-mind threats for 2018. There were myriad risks and vulnerabilities brought forth, but the specter of increased consolidation of devices and the growing interconnectivity of “things” ranked extremely high.

… [Appthority]

The Mobile Threat Increases in 2018

Domingo Guerra, co-founder and president of Appthority predicts that enterprise data via mobile is the next frontier for cyber criminals. He thinks hackers will progress from small footprint ‘front door’ malware and Man-in-the-Middle attacks to attacks that access all of an app’s or a company’s data via the ‘backdoor’ – app vulnerabilities.

“The next big breach won’t happen because hackers take over a single phone—it will happen because they gain access to massive amounts of sensitive corporate data collected by the apps. Indeed, the next massive Equifax-style breach could be a mobile breach,” stresses Guerra. “The problem is that mobile apps collect a large amount of valuable data, data that may not even be necessary for the app’s use, such as specifics about the user’s physical location, all the contacts, or access to their cloud storage accounts. This data may be stored on the device, offloaded for processing to the cloud, shared with third parties, and even leaked through poor encryption and developer practices.”

So, while the focus is on breaches to corporate systems via compromised user credentials or web apps, 2018 will be the year that the public realizes what hackers already know, enterprise data is available for the taking, in massive amounts, via leaky mobile apps.

“In fact, it just happened to Uber, where hackers stole the data of almost 60 million users and drivers because they found the Uber developer’s username and password to access Uber data stored in an Amazon server. That’s why forward-thinking organizations are putting the proper mobile defenses in place—before they become the next Equifax or Uber,” adds Guerra.


Read the full article on SecurityInfoWatch.com here.