A survey carried out by Check Point Research (CPR), the Threat Intelligence arm of Check Point Software, has revealed that in the past year, almost half (49%) of organisations worldwide were unable to detect an attack or breach on employee-owned devices.
Any notion that hybrid working and a BYOD (bring your own device) culture were simply part of a temporary response to the COVID-19 pandemic can now also be laid to rest. In data published as recently as February 2022, Statista reported that 30% of the world’s workforce now work exclusively from home.
The same survey indicated that about 60% of companies were now actively facilitating hybrid working, giving employees the freedom to choose where they log on. But how many of these businesses are fully prepared for the security demands of a truly mobile workforce?
Check Point analysts saw some concerning developments in the mobile threat landscape throughout the past year. The report referenced NSO’s Pegasus, notorious for its ability to gain full control of iOS and Android devices via an elaborate zero-click exploit.
NSO, the group responsible for the spyware, is currently one of the highest-profile vendors of “access-as-a-service” malware, selling packaged hacking solutions that enable affiliate threat actor groups to target mobile devices without the need for homegrown resources. In 2019, Pegasus was used to leverage WhatsApp and infect more than 1,400 user devices, from senior government officials to journalists and even human rights activists.
Another worrying trend the Check Point analysts have witnessed is a rise in SMS phishing or "smishing" attempts. Using SMS messages as an attack vector may seem rudimentary but, as with email phishing, it’s still disconcertingly effective.
In the report, the analysts noted that the FluBot botnet had made a return in 2021 despite being dismantled by authorities earlier in the year. It sent users convincing security update warnings, parcel delivery alerts and voicemail notifications containing a link that, if clicked, would infect their devices.