The State of Mobile Security in Financial Services

The "Mobile Security in the Financial Services" report tries to understand financial services organizations’ exposure to cyberthreats.


Finservs experience a higher volume of phishing and a higher risk of man-in-the-middle attacks than their peers, but appear to thwart cryptojacking by using devices more responsibly than other industries.

Those are findings from San Francisco-based mobile security company Wandera’s new report, “Mobile Security in the Financial Services.” To understand this sector’s exposure to cyberthreats, Wandera analyzed six months of security data from 225 of its financial services customers that, collectively, have 50,000 devices under management. There were 4.7 million events across these devices, averaging around 21,000 events per customer, on mobile alone.

The report sought to understand financial services organizations’ exposure to cyberthreats in light of the increasing attacks within the industry.

Wandera learned financial services organizations are experiencing a higher volume of phishing attacks than their peers outside the vertical (57% compared to 42% cross-industry); and are at a higher risk of man-in-the-middle attacks (36% compared to 24% cross-industry) perhaps due to higher than normal travel activity and public Wi-Fi usage. However, when it comes to cryptojacking, financial services employees appear to use devices more responsibly than other industries and, therefore, the overall device impact is far less (1% compared to 2.65% cross-industry).

There are concerns for finservs. “In the financial services industry, as in many sectors, the security of client information is the most important asset, so it’s disconcerting to find mobile security still an afterthought,” Michael Covington, vice president of product strategy at Wandera, said. “Financial organizations are struggling to keep pace with increasing regulations, rapid cloud migrations and rampant BYOD adoption, among other emerging technology trends, making it crucial that industry security pros work to secure not just the devices, but also the apps installed on them and the data they access.”

The report provided a detailed breakdown of some notable threats:

Phishing. The report found phishing attacks are a daily threat for financial services companies and employees need regular training to help identify phishing attacks—not only via email, but also through social media and other messaging platforms. “However, given the growing sophistication of phishing campaigns, FS companies can’t rely on awareness training as the only layer of defense. A multi-level approach needs to be adopted at the endpoint and in the network to offer comprehensive protection against phishing.”

Malware. “Despite all of the scaremongering around malware, it’s not as big an attack vector as people typically think, with less than 1% of companies having experienced malware attacks.” However, Wandera maintained they do occur and cybercriminal groups are becoming highly targeted in their approach. For example, a WhatsApp vulnerability enabling spyware on targeted devices was not a wide-scale attack, but had substantial potential impact.

Cryptojacking. On average, 18.6% of companies experienced mobile cryptojacking attacks. This came in slightly higher for financial services firms, at 26.67%, but users there appear to use devices more responsibly than counterparts in other industries, so the overall device impact is less notable than that of some other threat vectors, like phishing.

Man-in-the-middle attacks. Finserv employees saw a high number of incidents associated with man-in-the-middle attacks and risky hotspots (35.56%) compared to cross-industry figures (24.05%). Of the risky hotspots, 59.67% in the sector were travel-related, indicating that financial services employees who travel need greater protection.

Mobile risks affecting financial services.

Out-of-date operating systems: More users in financial services maintain their devices with the latest operating system and security patches.

Lock screen disabled: One of the most basic security measures is using a lock screen, so it is surprising that for every 20 employees, there is one with their lock screen disabled.

Jailbroken or rooted devices: Data reflects that this is less common among users in general; app stores are fairly open and smartphones are already customizable enough.

Sideloaded apps installed: Within the finserv sector, 2.88% of iOS devices and 3.76% of Android devices have sideloaded apps. Sideloaded apps can indicate users exhibiting riskier mobile behavior.

Password leaks: Not uncommon, but they only impact about 1% of mobile devices. Larger organizations and those that tend to have more liberal usage policies are more likely to encounter password leaks, as they are less stringent with their policies governing application usage and acceptable web content.