Mobile Devices As Attack Vector for Ransomware


Protect Your Access to the Internet

The amount of damage that can be done by a ransomware attack against a network is well known. We’ve seen the stories about hospitals, universities, and governments taken offline and the threats made to organizational and consumer information.

The focus of ransomware, however, remains almost exclusively on network attacks. But the time has come—actually, the time has probably long passed—to look at securing mobile devices against ransomware. It’s not the next attack vector for ransomware gangs; it’s an attack vector they are already using but to which few are paying attention.

Cybersecurity Live - Boston

Mobile Malware Impacts Everyone

Almost every organization encountered a mobile malware threat in 2020, according to Check Point’s Mobile Security Report 2021. The report also found that four in 10 mobile devices are vulnerable to cyberattacks and nearly half had an employee download a malicious app.

“Cybercriminals are continuing to evolve and adapt their techniques to exploit our growing reliance on mobiles,” said Neatsun Ziv, VP of threat prevention at Check Point Software, in a formal statement. “And there are more complex threats on the horizon.”

Cybersecurity professionals have known that threat actors would target mobile devices since BYOD became a buzzword, and they knew that ransomware would evolve over time—following users from their desktop computers and connected networks to mobile devices. Security teams have been fighting the mobile ransomware battle on both Android and Apple devices for nearly a decade.

“Ransomware, starting in 2013, was exclusively targeted to individuals; that proved lucrative enough,” explained John Bambenek, principal threat hunter at Netenrich, in an email comment. “Then, the focus shifted almost exclusively to organizations where large ransom payments started coming into play. Mobile ransomware seems to present a step back, at least for some threat actors. As so much of our digital lives take place on our mobile phones, it represents a way to extract money.”

More Sophisticated Attacks Coming

And ransomware is all about the money. “The mobile ransomware attacks we’ve encountered tend to be financially motivated; the consequences limited to…