Q1 2016 Enterprise Mobile Threat Report
- Appthority analyzed 315,000 global apps including 112,000 apps on enterprise devices for risky behaviors
- iOS malware is now mainstream but malware is not the only concern for enterprises
- The top 150 apps on enterprise devices exhibit high risks of data leakage and private information tracking
- A high percentage of iOS and Android apps in the top 150 apps on enterprise devices were found to have data leakage and privacy invasive behaviors
Appthority, the leader in enterprise mobile app risk management, today announced the release of their new Q1 2016 Enterprise Mobile Threat Report with mobile app risk research from the Appthority Enterprise Mobile Threat Team (EMTT).
Having analyzed millions of apps since 2011, Appthority is a pioneer and the leader in enterprise mobile app security and this new report is one of the largest of its kind. Appthority tested apps added into enterprises and into its global database in the second half of 2015 to determine how high risk data leakage and privacy invasive app behaviors impact enterprise environments. Congruent with previous Appthority threat reports, high numbers of apps with significant risks to the enterprise continue to be prevalent throughout the mobile app ecosystem.
Appthority’s findings also align with trends identified by independent research firms. Forrester predicts that employee use of mobile apps will surge; doubling in size compared to last year. At the same time, Gartner predicts 75 percent of mobile security breaches will be traced to mobile apps by 2017.
“It’s very alarming to find that the 150 most common apps on enterprise devices show high risk user surveillance behaviors,” said Domingo Guerra, president and co-founder of Appthority. “Every time we analyze the top apps in the enterprise we discover significant threats such as third-party access to calendars, corporate address books and text archives to be prevalent in mobile apps. This surveillance data can be used to launch increasingly effective spear phishing attacks, which puts the enterprise at risk of a major breach. Whereas Gartner predicts a 75% rate by 2017, we believe that the trend may have already begun. IT underscores the need for every version of every app on every mobile device to be subject to automated app scanning, continuous and dynamic monitoring and policy controls.”
Key findings from the Q1 2016 Appthority Enterprise Mobile Threat Report
- Malware now carried by the Apple App Store – In 2015, we experienced the first mobile malware to make it through the gates of the official Apple App Store with four major malware outbreaks in four consecutive months. New mobile threats like Quicksand (discovered by Appthority), XCodeGhost, YouMi and MobiSage enable employees to unknowingly download risky applications from the App Store. Further, with app stores under no regulatory obligation to inform users of apps that have been removed from the store, these revoked “zombie apps” can live on in enterprise environments, leaving the door wide open for cybercriminals to leverage vulnerabilities and access sensitive data.
- Android, still riskier to the enterprise – Android users in the enterprise have more apps per device than iOS users and those apps more often have data leaking and privacy invasive behaviors than iOS apps. For example, Appthority’s research shows that more than 88 percent of Android apps on enterprise devices exhibit data leakage behaviors, compared to about 50 percent for iOS apps.
- Popular mobile apps exhibit riskier behavior – The top 150 apps deployed on enterprise devices exhibit an even higher risk of user “surveillance” behaviors—leaking data, tracking private information and the capability to alter device configurations—than apps in the enterprise overall.
- Mobile apps: the new spear phishing vector – Private user data is being accessed and harvested by third parties via apps that track location and access contacts and calendars—often times facilitated by employees who unwittingly click through a new app download as fast as possible or respond to seemingly legitimate requests for meetings or attachment downloads. This information, when used as reconnaissance, can facilitate large scale targeted phishing attacks.
“Our latest research confirms that iOS malware is now mainstream,” said Guerra. “Though Android apps continue to be more risky to the enterprise, four major breaches in as many months have proven that iOS is no longer immune to mobile malware. Using mobile apps to gather reconnaissance information for enterprise spear phishing purposes is another fear realized, and one that we’ll continue to safeguard our customers against with our comprehensive mobile app risk management solution.”
Appthority provides the industry’s first all-in-one App Risk Management service that employs dynamic and behavioral analysis to immediately discover the hidden actions of apps and empower organizations to apply custom policies to prevent unwanted app behaviors. Having analyzed more than three million apps for its Global 2000 and government customers, only Appthority combines the largest global database of analyzed public and private apps with advanced policy management tools to automate control over risky app actions and protect corporate data. Appthority delivers visibility and trust to enterprises and their rapidly expanding app ecosystems. Headquartered in San Francisco, Appthority is venture-backed by U.S. Venture Partners and Venrock and additionally funded by Blue Coat Systems, and Knollwood Investment Advisory. More information on Appthority can be found at https://www.appthority.com/.
Download the Q1 2016 Appthority Enterprise Mobile Threat Report
Find Appthority in North Hall Booth #4146 at the RSA Conference:
Feb 29-Mar 4, 2016 | Moscone Center | San Francisco, CA