Large organizations – defined as enterprises or agencies with more than 200 iOS or Android mobile devices – are almost guaranteed to have at least one malware-infected device, according to data from mobile threat defense firm Skycure.
The company’s third Mobile Threat Intelligence Report found that 4% of all mobile devices have malware installed regardless of whether they are managed by an enterprise or an individual, with Android devices being twice as likely to be infected compared to iOS devices.
What’s more, Android devices have a greater variety of malware, consisting of 76% of unique varieties, whilst only 22% of all installed iOS malware was unique. Further, nearly one in five (19%) enterprise Android devices allow app installation from third-party stores, notorious for being more likely to deliver malware.
“Malware absolutely exists on enterprise mobile devices and standardizing on iOS doesn’t make you safe,” said Yair Amit, CTO of Skycure. “Unlike the nuisance malware of the past that targeted only consumers, today’s malware is smarter, and often more focused on businesses. We have seen recent attacks that have been specifically designed to circumvent two-factor authentication. Smartphones make excellent reconnaissance tools because they are able to track a user’s conversations and movements twenty-four seven. That means malware can target specific individuals for access to valuable personal and corporate information.”
However, Skycure was also quick to point out that malware is only one of the mobile threats companies face, stating that network incidents happen five-times more often than malware incidents. Of the network incidents the firm assessed, man in the middle attacks were noted as posing the biggest threat whilst content manipulation attacks, in which hackers alter data to cause a victim to perform desired actions through a manipulated interface or in a third-party system, came in second.