Cybersecurity best practices to physically and virtually secure mobile devices by applying multiple layers of protection
Do you carry your mobile device everywhere you go? Do you panic more about leaving your mobile device at home, rather than your wallet? Is your bank and financial information and cryptocurrency stored on your mobile device? Are your car and house keys also stored on your mobile device? And lastly, do you feel like your mobile device is a part of your hand and an extension of your mind? If you answered yes to most of these questions, then you should seek help immediately…or just read on.
With iOS and iPadOS 15, you can add digital copies of your driver’s license and your work, student or government-issued identification to your Apple Wallet alongside your stored credit cards. You will also be able to show your digital ID and boarding pass on your iPhone or Watch at the airport security checkpoint to get onto your flight. Soon, you can leave your physical wallet and keys at home and just bring your mobile device everywhere.
Unfortunately, today’s cybercriminals are now going after your mobile devices using both physical and virtual attack vectors. Threat actors want control of your device’s processing power, which can be used to mine cryptocurrencies, take part in mobile botnets for sending phishing messages, steal your confidential data including login credentials, display malvertisements, perform distributed denial of service (DDoS) attacks to websites or engage in cyber espionage. These cybercriminals want to steal mobile identities, digital wallets and financial account information to sell to hackers on the dark web.
According to Interpol’s ASEAN Cyberthreat Assessment 2021 study, Malaysia faced an increase in “Macau Scam” incidents with 5,218 cases between January to October 2020, resulting in losses exceeding RM256 million. As a form of telecommunications fraud, the Macau Scam involves criminals using local and international telephone lines primarily from Hong Kong to deceive victims into surrendering large amounts of money.
Follow these cybersecurity hygiene best practices to secure all your mobile devices physically and virtually by applying multiple layers of protection.
- Turn on your mobile device’s screen lock with biometric authentication such as iOS’ Face ID or Android’s fingerprint or Face Unlock, or Samsung’s Iris unlock. This is the first impediment for a threat actor to attempt to bypass if your mobile device is lost or stolen.
- Enable file-based encryption. This is automatically enabled as soon as you create a strong passcode that is used as the entropy source to start the data protection process for file-based encryption. This is the second impediment for a threat actor to solve.
- Never share your credentials with anyone and enable multi-factor authentication (MFA) for your online accounts and remote access services such as Virtual Private Networks (VPNs). Use stronger factors, which use inherence (biometrics), possession and context (location and time-of-day), not knowledge factors which use passwords or PINs.
- Refrain from connecting to unsecured WIFI networks. If you must connect to WIFI networks in public spaces, such as the airport or hotel, turn on an always-on VPN.
- Regularly update your operating system and apps.
- Install mobile threat defense (MTD) onto all your mobile devices, preferably one that has advanced detection and protection capabilities at the device, app and network levels including anti-phishing protection for email, attachments and text messages.
- Only download applications from the iOS App or Google Play Store. If your company employs a unified endpoint management (UEM) platform, the IT administrator can deploy the company’s enterprise app store or silently install work apps onto the managed device. If the device is lost or stolen, the UEM can remotely lock, retire or wipe the managed device to further safeguard your data.
- Do not jailbreak or root your mobile devices. This removes the native device protections and installs malicious exploits to take control over your device.
- Back up important data onto your desktop or upload to your trusted cloud storage service.
- With the ongoing pandemic and the resurgence of the COVID-19 virus, most of us spend our time at home. Employ a home firewall with an intrusion prevention system turned on in front of my wireless router from the internet. There are free open-source firewalls that you can install and run on an older PC with easy-to-follow instructions online.
Apply the same common sense and multi layered strategy that you use to safeguard your wallet and personal valuables from thieves to your mobile devices. Take it a step further by implementing the aggressive countermeasures above for protecting all your mobile devices — not so much for the cost of replacement for the device itself, but for all the sensitive data and irreplaceable content that it contains.
Andrew Souter is Ivanti’s Area Vice President for Asia Pacific
Join our Telegram channel to receive latest news alert