Security Market Segment LS
Thursday, 10 December 2015 13:22

Five times more data leakage on iPhone than Samsung Featured

By

900 new spam hosts and 300 new password leaking app/websites – that is just an average day in Wandera’s mobile security monitoring.

iTWire ran a name and shame article with Wandera identifying 26 UK/Europe/US/Canada/ROW companies that could leak data.

Its quarterly threat report is even more illuminating and covers data use as well as vulnerabilities. Highlights include:

  • 900 new spam hosts
  • 300 new variants of password leaking apps/websites (see iTWire article here)
  • New app password leaks – 5x more on iPhone than Samsung
  • 11% of its customers have been exposed to password leaking apps
  • Among major customers, iOS 9.x users are using 20-30% more data since the update from iOS 8
  • Only 1% of customers have devices with an outdated OS (down from 4% last quarter)
  • Email accounts for 25% of data when roaming compared to 13% domestically

Wandera looks at mobile threat prevention, compliance (enterprise connections and unapproved usage) and data cost management.

Its report shows the major threats faced by enterprise mobile use – these are for the main part applicable to consumer use.

It’s a corporate phone – but its use is personal.

The top fifteen sites visited seldom include the company’s web site.

iOS can use 20-30% more data

iOS 9 has Wi-Fi Assist, a feature that automatically connects devices to cellular networks when Wi-Fi signal is lost. While this automatic switch sounds convenient, it means the user may not be aware of the corresponding data costs incurred.

Within two weeks of iOS 9 being launched, 50 of its major enterprise customers reported that iOS 9 users were using 20-30% more data since the update from iOS 8. In several instances this appears to be caused by the automatic activation of Wi-Fi Assist in locations where corporate Wi-Fi was available but it was overloaded or patchy. This is concerning for businesses that may be incurring unnecessary mobile costs while their employees are at their desks.

Surprisingly iOS is more vulnerable than Samsung’s version of Android

Despite Android’s reputation as a less secure platform, this quarter we’ve actually seen five times more new app leaks on iPhone than Samsung. One new app leak in particular was filed by its Threat Research Team as ‘high impact’, leaking users’ emails and passwords on both iOS and Android versions.

The Italian newspaper app Correiere della Sera has between 100,000 and 500,000 users globally. Unfortunately, seven out of ten people use the same login details for multiple accounts, increasing the potential impact of this type of threat.

It recommends using unique login details for apps that request sensitive information (such as banking apps), and avoiding the use of these apps when connected to public Wi-Fi hotspots where risk of Man-in-the-Middle attack is highest.

When iOS jailbreak does not matter

It's Threat Research Team found numerous new incidences of the mobile threat, Semi Jailbreak (SemiJB), which allows users to install applications, games and themes using the SemiJB Cydia appstore, where apps may not have undergone the standard Apple vetting processes. SemiJB was detected in 10 US and UK enterprises on its network.

There are several security implications for the corporation when employees use SemiJB devices. Unverified apps from unknown developers can be downloaded onto the device and allowed onto the corporate network, user privacy can be compromised, and apps built with weak security increase the risk of sensitive data leakage. A Man-in-the-Middle attack has the highest likelihood.

XCodeGhost still haunts iOS

XcodeGhost remains a severe threat to iOS devices. It is malicious code, which is inserted into iOS applications using a rogue version of Apple’s own Xcode, allowing the hacker to steal valuable data from the infected device. Following the discovery of the thousands of compromised apps in the Chinese Apple App Store, its Threat Research Team identified 36 different infected apps installed on thousands of enterprise devices.

Versions of popular applications including WeChat, WinZip, PDF Reader and CamScanner were found to incorporate the malicious code. This incident proves what security researchers have known for some time: that just like other mobile platforms, Apple devices remain vulnerable to the rise of sophisticated mobile malware attacks. In fact, this quarter we found that Apple devices are twice as likely to encounter mobile threats than Samsung devices.

How data is used

iCloud accounts for 1% of all cellular data - a fairly significant proportion. When roaming, email accounts for 25% of data used but this drops to 13% when at home. Similarly, mapping software is used almost twice as much when employees are abroad. But overall it seems users are becoming more careful with their roaming data usage – for example video is the most popular use of data and accounts for 17% of data domestically but this falls to a more prudent 5% when employees are roaming.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments