Americans have had a fascination with technology for many years. This attraction is evident in the 21st century as consumers in the United States are spending a lot of time with technology. First, there was the invention of the radio, followed by the telephone and the television, then the internet. In the present society, everyone is bewitched with cell-phones, for instance, smartphones, which highlights how the latest technology has attracted many customers (Roberts & Manolis, 2014). Smartphones have a combination of a variety of sophisticated features. It enables users to keep memories, pictures, correspondence, personal information, financial as well as health information in one place. Also, smartphones have become a fundamental part of contemporary communication facilities. In some locations of the Universe, they are considered to be the most reliable phones. They enable individuals to maintain ongoing communication without the hindrance of their movements as well as distances (Miakotko, 2010).
Cell phones have a critical role in our lives. They have become an essential part of our lives because they are portable. Nowadays, individuals are using cell phones for calling, texting, online shopping, doing assignments and online banking. These impressive features have made cell phones to become smartphones. Nonetheless, the enhancement of technology and significant usage of smartphones make them susceptible to security attacks. Most operating systems that we currently use lack antivirus software programs. Improving the privacy and safety our cell phones should be our primary concern since most mobile phone applications use the internet. The common threats on a smartphone’s security are malicious applications, physical threats, social engineering as well as unsafe operating systems.
Delegate your assignment to our experts and they will do the rest.
Business impact of the event
According to Schlesinger (2016) smartphones can be hacked easily without the user’s knowledge. Even if a vicious attacker cannot get access to your phone, they can attempt to gain access to sensitive information stored inside, including e-mails, contacts as well as the places visited. Attackers are attracted to services that smartphones depend on. Not only do criminals target cell phone consumers but also corporations. Hackers try to hack large organizations via vulnerabilities in phones. It is very rare that a security breach that came from a mobile phone or is just contained in the device to be identified by a corporation.
Shin (2016) acknowledges that if one has a cell phone and utilizes Yahoo Mail, Gmail, Dropbox, cloud, Twitter, Facebook and bank websites and many other web services, they are facing the risk of being hacked, having their finances stolen, having personal data exposed and being blackmailed. The only thing that a hacker needs to hack your phone is your cell number and using social engineering which helps the hacker to persuade a customer service representative that they are you. Presently, hackers have been blackmailing individuals with delicate information, stealing money, gaining access to private documents like passport numbers and tax returns or even embarrassing their targets.
When a cell phone is hacked, it brings devastating effects. If an employee’s phone of a large corporation is hacked, the organization will experience adverse effects. Hackers can gain access to internal company files by hacking an employee’s phone especially when the worker occupies a managerial position. They may also steal sensitive information about other workers in the company and use the information for wrongful purposes. The kind of information that a human resources department has is regularly very personal and could involve employee addresses, health information, financial account information and Social Security information (Bruemmer, 2015). When employee information is targeted, it can have considerable, long-term effect than merely a hijacked credit card number which can lead to fraudulent charges.
Loss of passwords as well as usernames is also a concern since this kind of information can be utilized to conquer authentication-based workarounds to get access to other private information. Moreover, when the phone of an employee working in a government agency is hacked, it can enable the hacker to develop a false ID to steal confidential government information, including secrets of trade and patents.
Smartphone hackers do not do anything to attract attention to themselves. Preferably, their programs are created to function in complete silence in the phone background. They also cover their tracks very well. There are no call logs placed to numbers that are overseas, no proof of texts sent that can consume a monthly bill. If hackers hack our cell phones, they will be able to send text messages and make the phones view videos since the hackers will have full access to our phones. The writers of mobile malware are also creating hybrid threats constructed to counterattack the security systems of online banking (Sullivan, 2013). In one well-planned attack, offenders hacked both a victim’s cell phone and computer, then snooped until an online banking transaction was started on the private network. When the bank sent a particular message as a security confirmation, the hackers intercepted them and validated the transactions. Following a report by a security firm named F-Secure, a malicious program known as Eurograbber is responsible for stealing $47 million from around thirty thousand bank accounts.
Threat vectors
Following Felt, Finifter, Chin, Hanna, & Wagner (2011) mobile phones are susceptible to malware attacks. Hackers are aware that most individuals are not utilizing adequate protection when it comes to the security of their smartphones. Cell phone malware is a malicious code that is created to target a mobile device. They interfere with the standard functions of cell phones like iOS, Android, as well as windows for many of reasons such as stealing personal information and illegal financial gain.
There are many kinds of malware available today. There are some that rely on the interaction of the user to execute, while others rely on bugs and other operating system vulnerabilities. A security research company brought to light that thirty-six android devices were infected by malicious software. These machines had never been exposed to users. Per their research, malware was already preinstalled on these cell phones (Sujithra & Padmavathi, 2012). The malware was fixed somewhere along the supply chain.
Phishing attacks are also another threat vector. These attacks are deceitful phone calls, text messages, advertisements, e-mails, social media messages, and fraudulent software. These texts or e-mails look like they originate from a legitimate source like your manager, teacher, your bank or even the FBI (Felt, Finifter, Chin, Hanna, & Wagner, 2011). The hacker sends you a text or e-mail together with a malicious link. You are then asked to click on that link. The moment you click the link, the malicious code begins downloading on your cell phone.
The third threat vector is smishing attack. In smishing attacks, a criminal sends a text message along with malicious code to the user. These kinds of attacks are often bank related and have warning messages, for example, the bank has discovered a suspicious activity on your account, and you need to verify your account activity as soon as possible by clicking on a particular link. Once the mobile user clicks on the link, he or she is asked to fill out some forms asking for the address, name, birth date, and social security number. The link might as well begin downloading a malicious code on the device (Guo, Wang, & Zhu, 2008). These text messages have a sense of urgency and require prompt action, and that is the primary reason that mobile phone users fall into this scam.
According to Guo, Wang, and Zhu (2008), location tracking application such as GPS can also pose a serious threat to users. These applications are beneficial because they can assist you in getting driving directions. Also, they can aid parent to know their children's’ locations. When it comes to emergencies, these applications can assist the police or other emergency services to track down your location and assist you. Nevertheless, location information can be very confidential and personal. Such kind of information can be utilized to come up with a record of an individual’s movements as well as whereabouts. If this information is disclosed, criminals can pinpoint an individual’s present or possible future location. Criminals can utilize this information to cause harm to a person like stalking him or breaking into his home while he is not at home.
Vulnerability
The first cell phone vulnerability is vulnerability to monitoring of your calls while using the phone. All mobile devices are radio transceivers. A person’s voice is transmitted via the air with the help of radio waves. These waves are not directional, but they scatter in all directions so that anybody with the appropriate radio receiver can listen in. Even though the law postulates penalties for the interception of phone calls, it is quickly done and difficult to detect. A hacker can quickly locate a target, mobile phone number, since transmissions are being dispersed in all directions to the cell site whenever the mobile device has enough battery power and can receive a call.
The second vulnerability is the vulnerability of a smart phone being used as a microphone for monitoring purposes (Tomlinson et al., 2009). This is carried out by broadcasting a support command on the control channel to the mobile phone. The command keeps the phone in the “diagnostic mode.” When this is finalized, calls in the immediate location of the device can be recorded over the voice channel. The user is not aware that the mobile phone is in the diagnostic mode and sending all nearby sound until she or he attempts to make a call. This threat is behind the reason while cell phones are not allowed in sectors where classified discussions are held.
The third vulnerability is vulnerability to cloning. Mobile phone thieves observe the radio frequency spectrum and rob the portable phone pair since it is anonymously certified with a cell site. Cloning is whereby a thief hijacks the mobile identification number (MIN) as well as the electronic serial number (ESN) and programs these numbers into another mobile device to make it similar to yours. Immediately a phone is cloned, the thief can make calls on the reprogrammed cell phone as if he were the legal subscriber.
Incident response actions were taken
According to Newman (2017) the former head of Homeland Security and present chief of staff, John Kelly used his cell phone that was hacked for months. The data breach was apparently detected over the summer when John Kelly handed over his cellphone to White House tech experts after experiencing problems with it and battling to prosperously run software updates. The hackers could have gained access to Kelly’s phone by tricking him into downloading an application that was malicious. Phishing attachments and links also pose a fixed threat. Regardless of the method used to hack Kelly’s phone, his information was definitely at risk. Hackers could have utilized a central logger to track his every input. Also, they would possibly have access to his physical location via phone ID data as well as GPS. In case he stored any sensitive or confidential files on his phone, they would have been exposed. Tracy, (2017) says that the identification of the hack raised concerns among President Donald trump’s staffers, particularly given that it corresponds with an e-mail scandal in the West Wing that raised its queries.
Recommended mitigations
It is vital for individuals to secure their phones from unauthorized users. The following steps can be taken to protect your smartphone.
Use a passcode: Using passcodes is imperative when using cell phones. You can lock your phone with a password, pin code, pattern or biometric login to avoid unauthorized access. The passwords should also be strong enough and not merely simple words that can be easily identified.
Taking the necessary cautions when using public Wi-Fi networks: Individuals should be extra careful when using public Wi-Fi networks as they pose security risks. Most public networks are not encrypted.They are open to the public, and a password is not required. Hackers can trace all the data you send and receive while using these networks. It is advisable to use cellular or home networks while doing online shopping or banking.
Clean up your applications: Cleaning up your phone and deleting applications that you do not use is essential. The threat is that outdated app versions could be running in the phone background exposing you to hacking without you noticing it. Additionally, it is vital to update your remaining apps as most application updates have security fixes. Furthermore, log out of applications that hold sensitive information when you have finished using them.
Conclusion
In a nutshell, cell phones have become an integral part of the life of human beings. Many people depend on them for a variety of functions since they have proven to be quite useful. Even though cell phones are beneficial to us, they are also an ultimate security threat. The common risks on a smartphone’s security are malicious applications, physical threats, social engineering as well as unsafe operating systems. Many individuals fail to take the necessary measures to protect their phones from unauthorized users which makes them vulnerable to hacking. Hackers can gain access to confidential and sensitive information which can be quite damaging. Securing our phones with passcodes, cleaning up applications and being cautious when using public Wi-Fi networks is imperative.
References
Bruemmer, M. (2015, August 25). news/a/what-if-you-had-an-employee-data-breach/# . Retrieved from https://iapp.org: https://iapp.org/news/a/what-if-you-had-an-employee-data-breach/#
Felt, A. P., Finifter, M., Chin, E., Hanna, S., & Wagner, D. (2011). A survey of mobile malware in the wild. Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices , 3-14.
Guo, C., Wang, H. J., & Zhu, W. (2008). Smart-Phone Attacks and Defenses. 1-6.
Miakotko, L. (2010). The impact of smartphones and mobile devices on human health and life. 2.
Newman, L. H. (2017, June 10). story/john-kelly-hacked-phone/ . Retrieved from https://www.wired.com: https://www.wired.com/story/john-kelly-hacked-phone/
Roberts, J. A., & Manolis, C. (2014). The invisible addiction: Cell-phone activities and addiction among male and female college students. Journal of Behavioral Addictions , 254-265.
Schlesinger, J. (2016, June 17). 2016/06/17/your-smartphone-could-be-hacked-without-your-knowledge.html . Retrieved from https://www.cnbc.com: https://www.cnbc.com/2016/06/17/your-smartphone-could-be-hacked-without-your-knowledge.html
Shin, L. (2016, December 2016). sites/laurashin/2016/12/21/hackers-are-hijacking-phone-numbers-and-breaking-into-email-and-bank-accounts-how-to-protect-yourself/#1269ec11360f . Retrieved from https://www.forbes.com: https://www.forbes.com/sites/laurashin/2016/12/21/hackers-are-hijacking-phone-numbers-and-breaking-into-email-and-bank-accounts-how-to-protect-yourself/#1269ec11360f
Sujithra, M., & Padmavathi, G. (2012). Mobile Device Security; A Survey on Mobile Devic Threats, Vulnerabilities and their Defensive Mechanism. International Journal of Computer Applications , 1-6.
Sullivan, B. (2013, March 21). technology/smartphone-hacking-comes-age-hitting-usvictims-1C8989252 . Retrieved from https://www.nbcnews.com: https://www.nbcnews.com/technology/smartphone-hacking-comes-age-hitting-usvictims-1C8989252
Tomlinson, M., Solomon, W., Singh, Y., Dohetry, T., Chopra, M., Ijumba, P., Jackson, D. (2009). The use of mobile phones as a data collection tool: A report from a household survey in South Africa. BMC Medical Informatics and Decision Making .
Tracy, A. (2017, October 5). news/2017/10/john-kelly-cell-phone-hacked . Retrieved from https://www.vanityfair.com: https://www.vanityfair.com/news/2017/10/john-kelly-cell-phone-hacked
