Recent years have made abundantly clear that attempting to predict what’s to come in the future can be a pretty dicey proposition. However, it is also true that current trends can paint a clear picture of how we can expect things to unfold. This is very true in cyber security, and specifically in the mobile threat arena.
As we set out to make predictions for 2022, we started by assessing what was happening throughout 2021, and how the security landscape has continued to evolve. In this post, we’ll look at some key lessons learned entering 2022, and offer an overview of some of the top trends in mobile security we’re expecting for this year.
Zero-Day Exploit Stats Highlight the Increasing Focus on Mobile Devices
As you look to understand the threat landscape and where cyber attackers are focusing their efforts, zero-day exploits are a particularly insightful area to examine. (The term “zero-day” refers to exploits that were not known to the public or the affected vendor at the time of discovery.)
Google’s Project Zero team tracks and studies instances of zero-day exploits that were discovered in real attacks against users, and the data they’ve generated is truly astounding. (For more details on this, see Google’s “0day in the wild” spreadsheet.) In 2020, 26 zero-day exploits were seen in the wild. Of those, three, or 11%, specifically targeted mobile devices. In 2021, the total number of exploits more than doubled to 58, and 18 targeted mobile devices, 31%. Just to underscore, the number of exploits targeting mobile devices grew by a factor of six, and, as a percentage of all exploits, almost tripled. Also, it’s important to stress that, contrary to the perceptions of many, iOS devices aren’t immune to these mobile threats. In fact, these devices were targeted by more exploits than Android in 2021.
We have every expectation that this growth in mobile-focused attacks in 2021 isn’t an aberration. What’s happened in recent years should serve as a pretty startling wakeup call for those who continue to believe mobile devices don’t require the same type and level of security as traditional endpoints. These stats illustrate the scope of the mobile threats that will be emerging in 2022.
This growth in mobile-focused attacks shouldn’t be a surprise. Given the massive impact of COVID-19, there was a dramatic increase in BYOD and hybrid work. These trends have meant that mobile devices continue to house and access more sensitive data and applications. Those trends show no sign of easing up. Consequently, if these devices fail to be secured at the same level as traditional enterprise endpoints, they’ll continue to represent “low-hanging fruit”—and a big focus—for cyber attackers.
Mobile Threats: What to Look for in 2022
1. Enterprise Apps Will Be the Source of Bigger Data Leaks
In recent years, the use of mobile devices to access enterprise apps has increased significantly, and that growth seems certain to continue.
Fundamentally, the more mobile devices are used with enterprise apps, the more risk that will be introduced. This is in large part due to the fact that application development teams often don’t have a security mindset or charter. Most often, these teams are focused on delivering new functionality quickly, and providing an easy user experience, and it is against these objectives that their performance is assessed.
In 2022, we expect to see more, and larger, data leaks that stem from mobile app attacks.
2. QR Codes Will Increasingly be Used as Attack Vectors
Not too long ago, after an initial uptick in usage, QR codes had fallen out of favor. However, due to the changes that have been imposed by the COVID-19 pandemic, the use of QR codes has seen a huge resurgence. Now, our use of QR codes is commonplace, whether we’re looking at a menu at a restaurant, checking in at a hotel, responding to an ad, or any other number of activities.
The reality is that QR codes can easily be spoofed, replaced, or redirected. There have already been arrests for criminals exploiting QR codes, and we expect to see more of these attacks in 2022.
3. State-Sponsored Threats Will Have a Trickle-Down Effect
Advanced, state-sponsored attacks can make big headlines, command a lot of attention, and soon be forgotten. However, just because a threat has been discovered and reported on, doesn’t mean it ceases to pose a risk. On the contrary, a state-sponsored innovation can effectively function as a proof-of-concept for other attackers.
You can think of these specific pieces of malware as ingredients for baking. Attackers will incorporate these innovations, mix and match with other proven ingredients, and keep at it until they find a recipe that works.
It’s interesting to note that WannaCry, the ransomware attack that made such big news a few years ago, was actually the third version of the malware, and the third time that malware was used. The prior two versions lacked the innovations needed for large-scale compromise, but attackers kept trying and were only successful after government-built exploits leaked to the public. This kind of trickle-down effect will have an increasing impact on mobile endpoints and enterprises in 2022.
4. The Use of Spyware Will Continue to Grow
The fact that we carry our mobile devices almost everywhere we go, and that these devices have GPS, Bluetooth, and so on, makes them fertile, potentially lucrative targets for spyware. What’s more, spyware is readily available. New releases are being developed for malicious purposes, versions are shared privately, and commercial versions can be found on common forums like GitHub and Reddit. Spyware we’re seeing can get everything from the mobile device, including data, credentials, and more. For these reasons, we expect the use of spyware to target mobile devices will continue to proliferate in 2022.
5. Ransomware and Other Disruptive Attacks Will Grow More Frequent
In 2021, significant, large-scale ransomware attacks made frequent headlines, and massive profits for cybercriminals. Spurred by those successes, it’s safe to assume these attacks will continue to increase, and that mobile devices will frequently be targeted. As with state-sponsored dynamics referenced above, different malware components will continue to be used, combined, and revised to wage attacks.
While the nature of cyberattacks will undoubtedly continue to change in unexpected ways, there are some clear trends that we see today that should inform our plans and initiatives. To learn more about our assessment of emerging trends, be sure to view our webinar, The Year of Mobile: The Risks and Threats Coming in 2022 which offers a look at key threats, and details how you can get ahead of the attacks that will be targeting mobile devices in the coming months.
Zimperium provides the only mobile security platform purpose-built for enterprise environments. With machine learning-based protection, Zimperium is the only solution to provide on-device mobile threat defense to protect growing and evolving mobile environments. For more information or to schedule a demo, contact us today.