Mobile Threat Blog

  • Mobile
    Security Insights
  • Mobile
    Threat Research
  • Mobile
    Security Tips
Mobile Threat Team Logo

Today Appthority released its Q1 2016 Enterprise Mobile Threat Report with new mobile app risk research from the Appthority Enterprise Mobile Threat Team (EMTT). We analyzed 315,000 global apps including 112,000 apps added into enterprises and into our global database in the second half of 2015 to determine how high risk data leakage and privacy invasive app behaviors impact enterprise environments. We found high numbers of apps with significant risks to the enterprise continue to be prevalent throughout the mobile app ecosystem.

Each time we analyze the top apps in the enterprise we discover significant threats such as third-party access to calendars, corporate address books and text archives to be prevalent in mobile apps. This surveillance data can be used to launch increasingly effective spear phishing attacks, which puts the enterprise at risk of a major breach. Gartner predicts 75 percent of mobile security breaches will be traced to mobile apps by 2017, but we believe that the trend may have already begun. IT underscores the need for every version of every app on every mobile device to be subject to automated app scanning, continuous and dynamic monitoring and policy controls.

Our latest research also confirms that iOS malware is now mainstream. Although Android apps continue to be more risky to the enterprise, four major breaches in as many months have proven that iOS is no longer immune to mobile malware. Using mobile apps to gather reconnaissance information for enterprise spear phishing purposes is another fear realized, and one that we will continue to safeguard our customers against with our comprehensive mobile app risk management solution.

Key findings from the Mobile Threat Report include:

  • iOS Malware is now mainstream
    • 4 major breaches in as many months showed the App Store is not immune to mobile malware
    • New mobile threats like Quicksand (discovered by Appthority), XCodeGhost, YouMi and mobiSage enable employees to unknowingly download risky applications from the App Store
    • Every iOS device running OS older than 8.4.1 has a critical sandbox vulnerability that makes enterprise managed apps’ credentials easily accessible to bad actors
  • Across the board, Android apps are more risky
    • A higher percentage of Android than iOS apps showed risky behaviors across three critical risk categories – High Risk, Data Leakage, and Privacy Invasive
    • Of the 150 most common apps on enterprise devices, 100% of the Android apps were found to have data leakage and privacy invasive behaviors
  • Mobile malware is not the only concern to enterprise mobility
    • A far larger percentage of apps on both iOS and Android exhibit risky behaviors related to data leakage and privacy invasiveness
    • Mobile app behaviors that send private user information are a gateway to private enterprise breaches through spear phishing or other attacks
    • Dead apps that are not updated to address known malware and vulnerabilities continue to pose a cumulative and ongoing threat to enterprises
  • Popular mobile apps exhibit riskier behavior
    • The most common apps in the enterprise pose a high and very direct risk to enterprise security and data privacy
    • The top 150 apps deployed on enterprise devices exhibit an even higher risk of user “surveillance” behaviors—leaking data, tracking private information and the capability to alter device configurations—than apps in the enterprise overall.

The full report is available for download here.