Why hackers attack mobile devices and how to prevent it

According to a Gallop poll, the frequency of remote work cyber-attacks has nearly doubled since the beginning of the pandemic. Employees were thrown into a world of remote work immediately, utilising a wide variety of cloud-based software and apps. With the need to adapt so quickly, many businesses have been left unprepared in terms of their cybersecurity protection. 

Businesses may not understand that in many cases their weakest link is their mobile security. To gain access to a company’s whole network, a cybercriminal only has to break into one unprotected mobile device (phone, laptop, or tablet).

Why it only takes one device 

Such intrusions can be crippling to a business. The implications can be vast with an immediate impact on costs, interrupting operations, jeopardising crucial data assets, and damaging customer relationships. In reality, when a small business is harmed by a cyber-attack, nearly 60% of those affected are unable to recover and go out of business within six months.

Employee mobility has transformed the way we do business, but it has also introduced new security vulnerabilities. Mobile users, on average, spend about 80% of their time outside of the protected business network, accessing the internet from places other than the office or company locations. With this increased mobility, far too many devices are left vulnerable to more sophisticated hacking techniques – especially when enterprise IT departments fail to deploy mobile device security fixes and upgrades.

Why Hackers Target Mobile 

To obtain company data

About half of all cyber-attacks on organisations are aimed at collecting company information and/or proprietary data from customers, such as personal mobile data, social security numbers and credit card numbers. A hacker may be able to simply take a mobile device that an employee is using for email or accessing company data. Hackers know exactly where to search and download data on mobile devices because all emails and attachments are stored in one folder.

Mobile Interception 

Your mobile phone could be used for industrial espionage, illicit data transfers, or exchanging business secrets. All of this is accomplished via intercepting mobile signals, listening in on voice calls, or utilising your phone as a bug. With the amount of workers increasingly working from home there is a higher amount of business related communications being exchanged remotely which increases the danger if not protected. 

The Stingray/GSM interceptor/IMSI catcher is a piece of equipment that can collect data from hundreds of phones in a specific region, as well as launch denial-of-service attacks and intercept conversations. These products are not legally available, but they can be obtained on the black market or over the deep web.

As well as NGN (Next Generation Networks, such as 3G, 4G, and 5G), GSM (Global System for Mobile Communications), and CDMA (Code Division Multiple Access) are the three types of mobile networks (Code Division Multiple Access) and multiple surveillance systems are tracking all three of them. Data from mobile phones is passively captured as it passes over these networks between the phone and the base station with which it is communicating. It is possible to intercept both uplink (outgoing voice or data) and downlink (incoming voice or data) transmissions.

Land & Expand

Land and expand is to move beyond device control to higher-value goals, such as the corporate network. Someone who has hacked a mobile device can acquire corporate access in a variety of ways. The basic technique is to utilise the smartphone that the hacker now controls to send messages and emails in the name of the real user in order to obtain additional information or cause disruption. Alternatively, the hacker can take advantage of the mobile device’s access to the corporate Wi-Fi network when the user returns to the office and reconnects. 

The guest network in a target company’s lobby can potentially be exploited by a hacker. They may observe if there are more persons connected than are actually waiting in the lobby once they log onto the network. This is a good indicator that employees are accessing the guest network to access apps and sites that the corporate network blocks. The hacker can then simply deceive a user into downloading what appears to be a game, take control of their device, and grant themselves super-admin capabilities, allowing them to access the entire network for nefarious purposes.

Deliver Malware

Ransomware and viruses can give a hacker an immediate cash advantage. That was the case with the WannaCry ransomware assault in 2017, which notified victims that their device had been encrypted and demanded payment in Bitcoin to unlock it.

WannaCry’s hackers specifically targeted Android devices and hacked into a Wi-Fi network and scanned all linked Android smartphones to see which were vulnerable to their ransomware. The hackers infected one phone, then used it to lock down entire firms and demand ransom payments when the user returned to the corporate office and connected onto the company network.

Another example is a malware called ‘Pegasus’ was being used to target WhatsApp users through a flaw in the app. According to a product description filed as an exhibit in WhatsApp’s 2019 lawsuit, the Pegasus software was designed to “covertly collect information about your target’s relationships, location, phone conversations, plans and activities – whenever and wherever they are.” According to this description, the programme also tracked GPS whereabouts, monitored audio and VoIP communications, and gathered other data – leaving no trace on the device. 

Some organisations even after these events are still dealing with sensitive corporate, Government or client communications on consumer apps. . Using a closed system like Salt Communications protects businesses from the risk of crucial and sensitive data being compromised.

How to prevent it

Business cybersecurity has never been more critical than it is now, both to the pandemic and the rise of the mobile workforce. To guard against potential dangers and safeguard your firm from a potentially catastrophic cyber-attack, you must implement a zero-trust mentality. This necessitates a proactive strategy to threat management, as well as how you monitor the people, systems, and services that connect to your network.

There are a number of ways that your organisation can protect themselves through simple strategies. Organisations can implement a unified endpoint management (UEM) which allows IT to manage, secure and deploy corporate resources and applications on any device from a single console. Mobile device management was the initial step toward unified endpoint management, followed by enterprise mobility management. The mobile device management strategy, on the other hand, does not offer BYOD flexibility, which allows employees to switch from personal to work use of their devices at any time and from anywhere.


Another method is providing regular cybersecurity awareness best practices training. Rather than imposing regulations that impede employees’ capacity to do their jobs, a good staff awareness programme should complement how people work. The goal is to assist them in gaining the necessary skills and knowledge to work, as well as recognising when to express any issues. No one is immune to making mistakes or being a victim of a scam. In fact, because senior personnel are higher-value targets, scammers are more likely to target them (for example, through business email infiltration techniques), as the information that they share is often deemed to be most valuable. 

This is often why organisations choose to implement a secure communications platform to communicate securely both internally and externally. This system allows professionals to carry out secure calls and message threads with the assurance of complete privacy of their communications. Applications such as Salt Communications protect your company’s data from coming under threat from attacks from outside your organisation. 

To discuss this article in greater detail with the team, or to sign up for a free trial of Salt Communications contact us on info@saltcommunications.com or visit our website at saltcommunications.com.

About Salt Communications:

Salt Communications is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. Salt Communications offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. Salt is headquartered in Belfast, N. Ireland, for more information visit Salt Communications.  

Share This Post

Share on facebook
Share on linkedin
Share on twitter
Share on email

Explore More

iOS 11.5.0

iOS 11.5.0 Bugs [SI-3874] When on the Settings screen in-app notifications now appear only once [SI-3908] The mute until label now will update correctly for