Do you think the threats to any particular mobile device will outweigh the threats to others this year? Is there any particular device you see as being most vulnerable? Are there any mobile threat vectors you see as particularly insidious (e.g., mobile banking)?
The most serious threat vectors (and the most obvious) will likely affect applications or mobile device vulnerabilities used in financial transactions, because attackers can most easily monetize these attacks. Since the diversity of the hardware and software of smartphone platforms makes attacking them more difficult than targeting desktop systems, and the number of smartphones used for financial transactions is still small, the risk to the general user is still relatively low. For targeted attacks, however, the risk of infection is higher for general users, since security awareness concerning smartphones tends to be low.
Also, security researchers will continue to identify vulnerabilities. Researchers at Fraunhofer Institute of Secure Information Technology recently identified ways to bypass the iPhone PIN (.pdf), which could expose any data stored or password saved on the device. This essentially means an iPhone PIN can only protect against the most casual of attackers. Android security research continues to improve and identify more complex vulnerabilities. The threats to the different devices are also heavily dependent on their management by the vendors, their application distribution stores and any potential management by enterprises.
Dig Deeper on Enterprise mobile security
Related Q&A from Nick Lewis
Cloud penetration testing presents new challenges for information security teams. Here's how a playbook from the Cloud Security Alliance can help ... Continue Reading
Island hopping attacks create enterprise risk by threatening their business affiliates. Here's how to create an incident response plan to mitigate ... Continue Reading
Many cloud providers are tight-lipped about internal security control details. Learn how to evaluate cloud security providers with certifications and... Continue Reading