Security gaps ‘often overlooked’ by mobile app users

One of the main reasons why mobile application security continues to affect businesses and consumers alike is that they are unaware of gaps in security.

This is according to a new white paper released by IBM, which showed that some apps are intentionally created to be malicious, where others simply have design flaws.

Titled 'Ensuring application security in mobile device environments', the report stressed that the types of attacks at hackers' disposal can vary quite considerably – and take mobile app users by surprise.

Some of the most common methods include intercepting internet traffic and sending crafted data to a user's device in order to extract information.

As mobile apps have the ability to gain access to servers, networking systems and storage, any attacker who successfully infiltrates the application will also be able to enter these systems as well.

This in turn can lead to widespread disruption, as they can not only attack a specific system, but also steal web page data that can be particularly sensitive.

Mobile devices are becoming increasingly complex, meaning that they can store information relating to a person's location, as well as address books and SMS stored on a handset.

All of this data can be potentially valuable to cyber criminals, which makes it even more important for individuals to assess the security credentials of an app before they download it.

In a business environment, these unscrupulous activities can be even more damaging, as IBM explained.

A business messaging app, for example, could contain the login credentials for a private network, which may contain contact information for employees and transcripts of previous conversations.

If the app can be exploited, an attacker could gain access to this information and even send out fake messages to people within a company, potentially leading to cases of defamation.

This can continue until the user actively takes steps to prevent the attacks, or the application is fixed by developers and updated by the user.

However, as many of these attacks often go undetected for long periods of time, the damage can often be hard to reverse – especially when it involves a loss of reputation.

Similar situations can arise when unsecured WiFi hotspots are accessed by applications, as the content can be modified as it is in transit.

IBM therefore stresses the need to be vigilant with mobile application security and to never take digital safety for granted.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s