All IP-based smart solutions are prone to cyber attack as cyber threats are evolving at a very fast pace globally and India, with its widespread digital growth, will be equally prone to cyber attacks. India has emerged as a smart city hub with smart devices ubiquitous, but the security of these devices can be compromised and the systems can be brought down by any cyber attack in a short span of time.
Heart pacemakers, smart watches and other mobile devices connected to a network or a cloud-based system can easily be compromised and it is very important to secure our mobile networks like any other network. These observations were made by Bhaskar Bakthavatsalu, managing director, India, of Israeli security firm Check Point Software Technologies.
Bakthavatsalu pointed out that that there used to be a time when companies did not need to worry about mobile devices. Today, mobile devices may be the weakest security link in an enterprise or a firm.
Bakthavatsalu pointed out that major cyber security attacks on mobile devices also compromise the data on the devices almost instantaneously. For instance, if a hospital's technology systems are compromised through the smart devices connected to the system, they can bring down the operations of the hospital.
“Imagine if a hospital has almost 40-50 surgeries going on in a day and a cyber attack happens; what kind of impact it might have when the systems are down during the surgeries,” explained Bakthavatsalu.
Bakthavatsalu cited a report, prepared by Check Point’s mobile threat research team, which surveyed organisations across the globe and said that almost every enterprise at some point of time had experienced a mobile attack, but they were unaware about it.
The Check Point report stated that the average number of mobile malware attacks per organisation was 54. The report also stated that organisations suffer from different types of mobile attacks beyond malware and 89 per cent of them experienced at least one 'man-in-the-middle' attack over a Wi-Fi network.
The Check Point report also found that even though enterprise mobility management (EMM) solutions were in place in many companies, 75 per cent of the organisations in their sample had at least one jail-broken iOS device or rooted Android device connected to their corporate networks. The report states that the process of rooting or jail-breaking a device strips away all built-in security provided by the iOS and Android operating systems.
“One can only expect mobile attacks to increase in proportion and sophistication in the years ahead. For perpetrators, the world of mobile devices holds great potential as these are easier to hack and they possess even more sensitive information than PCs. We expect the financial services sector to continue to be a primary target of cybercriminals, followed by government agencies, as these two sectors protect the most valuable assets,” Bakthavatsalu noted.
“As long as the mobile market is composed of two dominant players—iOS and Android—malware will continue to target both and try to penetrate their defences. We feel that comprehensive mobile security should be a system of components that work together cohesively to identify a wide variety of threats and protect data while addressing employee privacy concerns. Only solutions that can analyse behaviour across all vectors for indicators of attack can protect mobile devices effectively to keep them safe,” said Bakthavatsalu, quoting from the Check Point report.
Another expert, Venugopal N., the director of security engineering at Check Point, pointed out that users should avoid downloading unknown links from unknown SMS messages and also should be careful while downloading apps if they are unknown. At the same time, Venugopal feels that one should avoid accessing the network through a public Wi-Fi system as it is prone to cyber attacks and the security of the phone can be compromised through such networks.
“There are also many jail-broken devices in the market (purchased from abroad but their code being broken in India), which are equally prone to cyber attacks as the code that was there in the country of their origin has been broken and these devices are made vulnerable. Many people purchase such devices abroad for lesser cost, etc. and when they bring it to India, they take it to a local mobile dealer who breaks the code for a small amount,” explained Venugopal.
