Smartphone attacks are a serious concern for businesses and individuals today. The early part of smartphone proliferation was relatively quiet in terms of cyberattacks. Back then, traditional desktop/laptop and server environments were far more attractive targets due to the sheer numbers of them deployed worldwide. So when did this all change? And why are smartphones such an attractive target for hackers now? Let’s take a look at why this shift from desktop to smartphone attacks has occurred and what you can do to keep your sensitive corporate data safe.

1. Technology improvements

Early smartphones didn’t have significant bandwidth or resources to be of use to hackers. Today’s smartphones now have greater memory and processing power than laptops did only a few years ago, and even servers a few years before that. Add 3G and 4G speeds into the mix, and you have the perfect computer resource for exploitation.

2. Sheer volume

The number of phones being sold began to rapidly outgrow the number of traditional IT devices a few years ago. Many cyberattacks rely on vast armies of compromised machines known as botnets which can be remotely controlled to do the hackers bidding, or sold by the hacker in bulk to be controlled by a 3rd party. Once mobile devices became the fastest-selling platform, hackers knew that this is where the money was.
Smartphone hacking

3. User activity

Users tend to trust their phones and are quicker to respond to mobile alerts, meaning that they are significantly more likely to trust pop-ups that prompt them to install malicious apps and malware. Flashlight apps have been notorious privacy risks, with users tapping away their identity and contact lists without significant thought. Because contact lists are carried on these mobile devices, it doesn’t even matter if you are good with privacy, so long as you have given your contact details to someone who isn’t. Users can also incur exorbitant costs if they are not careful with data usage, especially when roaming.

4. Always on

Desktops and laptops tend to be powered off, or at least hibernated, when not in use. This means that even if a machine is compromised, the command & control (C&C) server might not always be able to access it. Mobile phones, on the other hand, are rarely powered off, even at night. Even with the screen off, these devices are designed to constantly be online checking for updates, and this means that they can perform nefarious tasks even as their owners sleep beside them.

5. Valuable data

As we rely more and more on our phones (does anyone remember actual phone numbers anymore?), we store far more personal information on them. Not just our contacts, but the social media platforms that they use. We store passwords for our apps, family photos, business email and lots more else besides.

Smartphone hacking

6. Inherent security flaws

Right out of the box, Android devices allow you to enable 3rd party app stores. These can contain hacked versions of legitimate apps. Users download them in order to avoid paying for apps, rarely stopping to wonder why a hacker has bothered to provide them with this service for free. In these stores, apps can pose as whatever they like and execute any code. Smartphones can silently call premium numbers, run up clicks on advertising banners, or perform DDoS attacks without the user being aware. Even the Google Play Store and Apple’s App Store have hosted malware, although in vastly smaller numbers.
The fragmented nature of Android OS has also made it difficult for security teams to obtain patches for vulnerabilities when they are identified. Because there are no real restrictions on who can develop apps, and with the ready availability of mobile SDKs these days, malicious apps aren’t the only risk. Badly developed ones can fail to implement the encryption and data handling required to protect potentially sensitive data.

7. Multiple Attack Surfaces

There are so many ways to compromise mobile devices. Portable form factors mean that they can be easily stolen. Rooting/Jailbreaking is often performed by users who have no way of knowing what new code is being introduced. Malicious profiles can be carelessly installed. Rogue apps can be installed, unencrypted traffic can be intercepted, and every few months now it seems that new attack vectors are being found and exploited.

The best defense against smartphone attacks

With so many risks, should businesses consider prohibiting the use of mobile IT in order to prevent smartphone attacks? While it would seem that there is a case for this, the proven productivity gains that organizations get from mobile users having access to information when and where they need it can weigh heavily in the decision-making process.
Today, users can circumvent IT restrictions and use free online email and file storage platforms, making Shadow IT the cost of excessive restrictions implemented by IT departments. By attempting to shut things down, they might inadvertently make things worse.
So how can an organization benefit from mobile IT while mitigating the risk? While there are numerous solutions on the market to address different facets, finding a solution that addresses each of the attack vectors cannot be currently achieved by any single platform.
The answer lies instead with choosing best-of-breed products, and ensuring that they can be orchestrated together to form a cohesive and robust defence against smartphone attacks:


EMM is the cornerstone of any mobile threat mitigation. Without this, users can remove any other solutions deployed on their devices and expose themselves to smartphone attacks.
Use EMM to:

  • Protect against physical threats by enforcing encryption on the device itself and any SD cards, secured with an appropriately complex passcode.
  • Segregate personal apps and data from corporate, and implement policies that prevent the user from tampering with the areas of the device they are not supposed to access.
  • Implement VPN traffic for secure data, particularly any resources that reside behind the organization’s firewall.
  • Wipe all or select data from compromised devices, and locate missing ones.
  • View app inventories, and deploy your own app Store.
  • Remotely configure and deploy required settings such as printers, Wi-Fi settings, email policies and more.

When choosing an EMM platform, in addition to being able to provide a wide feature set, be sure that you choose an extensible platform that is widely compatible with other security solutions.

smartphone attacks

App Reporting

There are so many apps on the various legitimate stores now that keeping track of them is a difficult task. Deploy a service that will gather the app inventories of all of your mobile fleet, or integrate with your EMM platform to get access to the inventory there. Detailed reports on what your apps talk to should be available, along with reports on apps that require excessive permissions. Risky apps should be flagged, and the ability to automate blocking or allowing can save quite a bit of administrative overhead. Integration with EMM can greatly improve remediation options.


Blocking apps doesn’t prevent users from visiting websites corresponding to those apps with a mobile browser, and so it is important to enforce data traffic compliance. While Wandera can lead to significant cost savings with data shaping and capping, expense is only one of the many threats mobile devices expose their companies to.
Many legitimate apps inadvertently leak data by failing to properly encrypt it before transmission. Username, password and credit card leaks can all be detected by Wandera, and appropriate action is automated. Real-time reporting and zero-day detection of threats provide peace of mind, while data policies enforce compliance and remove the opportunity for user error.
Wandera also provides a solution for many off-device threats such as Man-In-The-Middle (MitM) attacks, where a third party intercepts and reads data before routing it back to its intended destination.
Wi-Fi hotspots are analysed by Wandera, and malicious ones are immediately identified. Combined with the detection of vulnerable sensitive data in transit, these threats can be mitigated before the leak occurs, where so many other solutions report on leaks only after the damage has been done.

Smartphone attacks

Make mobile work for you

By combining interoperable security platforms, users can be protected from the threats of others and from their own actions. Companies can deploy mobile IT in confidence, making greater amounts of resource and information available when the attack surfaces are protected and constantly monitored. With due consideration and planning, it is possible to face and conquer the real-world threats of mobile IT, while reaping the rewards that instant information anywhere grants.
About the author
Colm Warner leads presales consultancy for CWSI, Ireland’s leading Mobile IT integrator and managed service provider. He has worked in the IT service sector for over 15 years in various service and sales roles.
[text-blocks id=”get-free-demo-wandera”]