Advanced persistent threats now hitting mobile devices

Smartphones, tablets and other mobile devices have become the target of malware and are even getting hit by highly targeted attacks known as "advanced persistent threats" that intended to steal sensitive data, according to a survey of 676 IT and security professionals.

About two-thirds of the respondents said the mobile endpoints used in their organizations had been hit by malware and 40% also said these endpoints were the entry point for an APT-style attack aimed at specific individuals to gain access to corporate information. The Ponemon Institute's survey, titled "2014 State of Endpoint Risk", states that on average 63% of an organization's employees are now using mobile devices, with IT managers anticipating the number of devices that have to be actively managed will rise from 5,000 on average to 7,000 in the next three years.

"Just when many IT security practitioners were hoping to get their endpoint security risks under control, the exploding growth of mobility platforms and public cloud resources has turned these dreams into a security nightmare," the survey report asserts. The respondents perceive "mobile devices such as smartphones" to be the greatest potential IT security risk in the IT environment, more than PC desktops and laptops.

The survey, sponsored by Lumension, indicates that over half of the IT security experts learned of APT attacks against endpoints when they found anomalous exfiltration traffic on the network. About a quarter said the endpoint security technology they use alerted them to a possible breach and 21% were notified by law enforcement directly. APT attacks often commence with phishing e-mails to employees, Web-based click jacking, fraudulently signed code or digital certificates, they said.

+ Also on Network World: Point-of-sale malware infections on the rise  +

As far as the applications considered to have the highest IT risk, the top three choices were: Adobe; Google Docs; and Microsoft OS/applications.

Just over half of the survey's respondents say they have a "Bring Your Own Device" (BYOD) plan that lets employees use their own mobile devices for work purposes, and slightly over half of them are relying on "voluntarily installing the endpoint protection agent" for BYOD.

The survey also asked about perceived risks associated with third-party cloud services, and 54% of the respondents said their organization has a "centralized cloud security policy," up from 40% that did the year before.

Having to focus more on endpoint security is putting pressure on IT security budgets, according to the report, with only 44% expecting their overall IT security budgets to increase in 2014.

The types of technologies the survey's respondent expect to invest in over the next year include application control, data-loss prevention, mobile device management (MDM), device control and "big data analytics." The most important capabilities considered for MDM by the respondents are malware detection and prevention, provisioning and access management.

Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail:

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags LumensionNetworkingsecuritywirelessendpoint securityPonemon InstituteWide Area Network

More about Adobe SystemsAPTGoogleIDGLumensionMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts