Experts from Zimperium outline predictions ranging from the rise of QR code phishing and the need to monitor Apple's support for third-party app stores to evolving regulatory requirements and the growing threat of mobile ransomware.
Kern Smith, VP Americas, Sales Engineering, Zimperium
The Rise of QR Code Phishing
QR Code Phishing or “quishing” is becoming a very popular form of attack by cybercriminals. As the use of QR codes for everyday things such as reading a restaurant menu or paying for a parking spot continues to increase, bad actors will also continue to take advantage of this opportunity and the vulnerabilities of this mobile technology to launch attacks. This type of attack currently bypasses traditional web and email gateway controls, allowing attackers to easily embed a malicious URL containing custom malware into a QR code that could then exfiltrate data from a mobile device when scanned.
What’s more, is that quishing is explicitly targeting mobile devices. Mobile devices are the primary device that has the ability to render these links. Attackers are targeting mobile and using corporate communications to distribute these targeted attacks, mainly because most organizations have no defenses against targeted mobile attacks.
Apple officially supporting Third party app stores next year in EMEA
Apple iOS will have to officially support third party app stores in EMEA starting next year, bringing a new threat surface that organizations will need to consider. While the details of how Apple will support this requirement are still unknown, it is something that organizations will need to monitor, especially considering the vast majority of malware seen on mobile devices comes from third party app stores on both Android and iOS.
Evolving Regulatory Requirements
Regulatory requirements are constantly evolving when it comes to cybersecurity technology, and this will only continue to happen in 2024. For example in APAC there have been new/updated regulatory requirements requiring mobile banking applications to embed more robust protections against runtime attacks and fraud, and I expect other regions to learn and evolve their regulatory requirements for mobile apps as well. I also think Mobile Threat Detection (MTD) and Mobile App Vetting (MAV) will become more broadly required and standardized across all verticals, as best practices and requirements are updated to reflect the current landscape for mobile. We are already starting to see this take place. Two of the most recent examples are from Cybersecurity Maturity Model Certification (CMMC) and the National Institute of Standards and Technology (NIST), both calling out the need and requirement for MTD and (MAV) as being essential components of an enterprise or agencies mobile device security strategy regardless of their vertical, other controls in place, or general security posture.
JT Keating, SVP of Corporate Development, Zimperium
Rise of Mobile Ransomware
Another threat to beware of in 2024 is mobile ransomware. Mobile ransomware is a form of malware that affects mobile devices. A cybercriminal can use mobile malware to steal sensitive data from a smartphone or lock a device, before demanding payment to return the data to the user or unlock the device. Sometimes people are tricked into accidentally downloading mobile ransomware through social networking schemes, because they think they are downloading innocent content or critical software.
According to Zimperium’s Global Mobile Threat Report, last year was the beginning of real mobile ransomware, with a 51% increase in the total number of unique mobile malware samples detected year-over-year. It is reasonable to expect that to continue.
The growing adoption of application shielding as part of a DevSecOps framework
Application shielding will continue to grow in adoption as organizations realize its value in the DevSecOps framework. Application shielding helps DevSecOps teams work more efficiently by embedding protections to secure source code and IP from reverse-engineering and tampering attempts, including Code tampering, malware injection, encryption key extraction and reverse engineering. IT and security teams will need a mobile app protection platform that meshes with a DevSecOps framework or risk being further siloed from development team efforts.