By Dr. Jacqueline Gutierrez
Faculty Member, School of STEM at American Military University
As we continue to depend on mobile devices daily for everything from work and gaming to social media, our security concerns continue to increase. However, many users do not seem to be concerned with or even contemplate the security concerns associated with using a mobile device. In fact, most feel that surfing the Web on their phone is safer than from their computer. They also typically store sensitive data on their devices, including personal contact information and passwords.
There are various ways in which a cyber-attack can occur on a mobile device.
The simplest way is having your device stolen. Even with password protection, a sophisticated hacker can easily defeat the security features on a mobile device and gain access to all pertinent information.
Cyber-Attacks on Phone Apps
Apps are another way a hacker can gain access to your device. Some service providers even offer third party apps with no overall safety evaluation. While not all third party apps are bad, they are the less safe option. The best thing to do is use an app that already has a positive reputation.
Phishing scams are one form of Web-based threat which can include links to websites designed to trick you into providing personal information such as passwords and bank account information. These sites typically look very similar to those you would normally use such as banking sites. Drive- by downloads are also a concern and can happen automatically when you visit a Web page. In some cases, the download action will occur as soon as you access the site. Browser exploits are another form of Web-based threat which includes software that is launched in your browser. Some examples include Flash player or PDF reader.
Mobile devices are just as vulnerable to network threats as desktop computers. One example is network exploits, which take advantage of flaws in mobile operating systems or software operating on local or mobile networks and can install malware on your device without you knowing. Wi-Fi sniffing is another form of network threat. If an application or web page does not use proper security measures, unencrypted data sent across the network can be easily read by someone grabbing data in transit.
With so many ways to access one’s data on a mobile device there have to be ways to ensure their protection. The following are some simple steps to do so:
- Update your device with the latest security feature or recommended update. These available updates are sometimes crucial to ensuring that your device is not vulnerable to security threats.
- Use mobile security software and keep it updated. These programs can provide many benefits including locating a missing or stolen phone, backing up your data, and remotely wiping all data from the phone if it is reported stolen.
- Always secure your mobile device with a password or PIN. Make sure it is unique and not something that someone could easily figure out, such as your birth date.
- Be careful with free WIFI hotspots. It is best to avoid logging into personal accounts while using free WIFI since you really don’t know how secure a WIFI network is. It is safe to say that most WIFI hotspots are not safe.
- Make sure to back up the information on your phone. Most people tend to keep all of their family and friend contact information in their phone. If your phone is lost or stolen you will lose all of your information which can be both upsetting and hazardous.
Things to consider before your mobile device is lost or stolen include: being aware of your surroundings, locking your phone, adding apps that will track, lock or erase personal information, saving your data, and insuring your phone through your provider or a third party.
Additional things to consider if your mobile device is lost or stolen:
- Report it to your wireless provider to avoid incurring usage charges. You may also report it to your local police department.
- If you have installed a tracking app, activate it.
- Remote lock your device so your personal information cannot be accessed.
- Erase all information from your phone with the use of the app you previously installed. There are various apps that can help locate, lock and or erase your wireless device if it is lost or stolen.
It is a good idea to check with your service provider or to conduct some research to determine which app may be best for your mobile device.
The best advice I can provide is to be cognizant of possible cyber-attacks on your mobile device to help prevent them from occurring.
About the Author:
Dr. Gutierrez has several years of experience in Information Technology, and in management. She has a Master of Science in Computer Information Systems, and a Ph.D. with a concentration in organizational leadership. Her professional experience includes working in both the private, and the public sector. She served as a Deputy Director for a team of cyberwarfare administrators which maintained over 300 systems worldwide for the Air Force Computer Emergency Response team. She was the lead for the development of Host Based Security operating procedures for the Air Force. She also served as a Quality Assurance Personnel (QAP) providing contract oversight for various organizations to include: McAfee, Northrup Grumman, General Dynamics, Joint Task Force Global Network Operations (JTF-GNO) and various other DoD departments.