Safeguarding against the rise of mobile malware: Actions to take following recent incidents

Learn how the evolving threat landscape finds threat actors increasingly targeting mobile devices to exploit sensitive resources and what steps organizations can take to minimize risks while strengthening their overall security posture.

March 12, 2024 by Aaron Webb


Introduction

In recent news, the European Parliament's defense subcommittee faced a concerning security breach, with traces of spyware discovered on several mobile devices, prompting an urgent call for cybersecurity measures. This incident has sparked urgent discussions surrounding cybersecurity processes, coinciding with ongoing deliberations regarding the Digital Market Act. As investigations start and the EU grapples with the potential fallout of this breach, it serves as a stark reminder of the increasing threat posed by malicious actors targeting mobile platforms.

Evolving mobile threat landscape

It's crucial to understand the evolving landscape of mobile threats, exemplified by the recent breach in the European Parliament. Threat intelligence gathered by Jamf provides valuable insights into this landscape, highlighting the prevalence of malware on mobile devices and the increased targeting of mobile platforms by advanced persistent threat (APT) groups.

“1% of mobile devices infected with malware” — Jamf Security 360: Annual Threat Trends Report 2024

This indicates a significant risk landscape. Moreover, the increased targeting of mobile platforms by APTs poses a greater concern for organizations and individuals alike.

At the start of the year, we kicked off with a webinar that further emphasized the evolving nature of mobile threats. Adding fuel to this fire is the rise of political elections. Cyberattacks are expected to escalate in 2024, with cybercriminals anticipated to deploy more sophisticated techniques, including advanced phishing tactics tailored to evade detection on mobile screens. Additionally, social engineering strategies aimed at exploiting the lax security practices of mobile users are predicted to surge.

Unchecked mobile threats are significantly impacting organizations and users globally. But which threat types pose the greatest risk?

Best practices for securing mobile devices

Converging threats require organizations to take multiple approaches to education and awareness initiatives that empower users to recognize and respond effectively to potential threats, and to combine them with best-of-breed solutions and a defense-in-depth plan to bolster their overall cybersecurity posture.

Securing mobile devices requires adherence to comprehensive best practices. Organizations should implement:

  • robust device management strategies
    • deploying secure configurations
    • up-to-date OS and software patches
    • policy-based compliance enforcement

Additionally, enforcing Bring Your Own Device (BYOD) hygiene is essential, as employees increasingly use personal devices to access company resources. Aligning BYOD models with your cybersecurity plan ensures company resources are being accessed securely from any device on any ownership model. One way to ensure this is to check that devices are compliant by:

  • requiring minimum OS and app versions
  • deploying advanced security configurations
    • volume encryption
    • multi-factor authentication (MFA)
    • endpoint security software
  • securing communications over all network connections

Each layer protects against emerging mobile threats — even if they happen to slip past one layer, the subsequent one acts as a safety net to mitigate the threat.
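
The compliance checks listed above, sketched as an added example (not Jamf's code or API): the device record fields, policy values and app identifier are hypothetical, and the inventory records are constructed. Versions are compared numerically, missing attributes fail closed, and every layer is evaluated so one passing check does not hide another that fails.

```python
# Added example: BYOD compliance gate. Field names and values are hypothetical.

MIN_OS = {"iOS": "17.4", "Android": "14"}      # constructed policy values
MIN_APPS = {"com.example.mail": "5.10.0"}      # constructed managed app

def parse_version(text):
    """Turn '17.10.1' into (17, 10, 1) so 17.10 sorts above 17.4."""
    return tuple(int(part) for part in text.split("."))

def older_than(found, required):
    """Compare numerically, padding so '17' equals '17.0.0'."""
    a, b = parse_version(found), parse_version(required)
    width = max(len(a), len(b))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(a) < pad(b)

def evaluate(device):
    """Return a list of failed checks; an empty list means compliant."""
    failures = []
    required_os = MIN_OS.get(device["platform"])
    if required_os is None:
        failures.append("unsupported platform")
    elif older_than(device["os_version"], required_os):
        failures.append(f"OS {device['os_version']} below {required_os}")
    for app, required in MIN_APPS.items():
        installed = device.get("apps", {}).get(app)
        if installed is not None and older_than(installed, required):
            failures.append(f"{app} {installed} below {required}")
    # Attributes missing from the inventory record count as failing.
    for key, label in (("volume_encrypted", "volume encryption off"),
                       ("mfa_enrolled", "MFA not enrolled"),
                       ("endpoint_agent", "endpoint security software missing"),
                       ("vpn_or_ztna", "network traffic not secured")):
        if not device.get(key, False):
            failures.append(label)
    return failures

# Constructed sample inventory records.
DEVICES = [
    {"id": "byod-01", "platform": "iOS", "os_version": "17.10",
     "apps": {"com.example.mail": "5.9.2"}, "volume_encrypted": True,
     "mfa_enrolled": True, "endpoint_agent": True, "vpn_or_ztna": True},
    {"id": "byod-02", "platform": "Android", "os_version": "13",
     "volume_encrypted": True, "mfa_enrolled": False, "endpoint_agent": True},
]

if __name__ == "__main__":
    for d in DEVICES:
        print(d["id"], evaluate(d) or "compliant")
```

A plain string comparison would rank "17.10" below "17.4" and wrongly block the first device on OS version, while also passing its outdated mail app.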

Prepare for the worst

  • Have a plan: Organizations need a comprehensive plan in place to respond to security incidents for all endpoints, including mobile devices. This plan should outline clear protocols for detecting, containing and mitigating the impact of security breaches on mobile devices. Moreover, regular training and simulations can help ensure that employees are well-prepared to execute these protocols effectively.
  • Routine scans: The discovery of malware by the European Union through routine scans highlights the importance of proactive monitoring and detection measures. Regularly scanning mobile devices for indicators of compromise can help organizations identify and neutralize threats before they escalate into something worse, like a data breach.
  • Sophisticated threats: Organizations may encounter advanced threats — often carried out against executives or high-risk targets by nation-state-backed threat actors. The ability to detect and mitigate these types of threats requires specialized solutions and threat response expertise specifically tailored for mobile devices to address them effectively.

By prioritizing education, implementing best practices and proactively preparing for potential security incidents, organizations can strengthen their defenses against mobile threats and safeguard their sensitive data in an increasingly interconnected digital landscape.
