By Yaniv Sulkes, AVP Marketing at Allot Communications
Speak to anyone with a desktop or a laptop computer about online security and more often than not they will assure you that they are protected by a firewall, antivirus software and so on.
Talk to those same people about security on their mobile devices and many will stare back at you blankly.
A 2015 survey by cyber security specialist Kaspersky Lab uncovered that a quarter of those questioned knew little about mobile malware.
Yet malicious software, such as viruses, worms and Trojan Horses can have serious implications for the users of affected devices.
The consequences include the theft of bank data, personal details, photographs and more besides.
What should be of most concern to mobile users and service providers is that these attacks are on the rise and becoming more sophisticated.
Indeed, there is evidence to suggest that malware assaults on mobile devices are set to overtake those on PCs.
Yet this also presents a huge opportunity for Communication Service Providers (CSPs).
By providing the option on-going protection to their users, CSPs can create profitable revenue streams as well as differentiating their offering from competitors.
Malware can enter a mobile device in a number of ways, such as installing suspicious apps, using safe apps that have been infected and visiting unsafe websites.
This has led to a number of studies focusing on the vulnerability of certain apps and URLs to being infected with malware.
However, it is also key to look at how user behaviour impacts on the vulnerability of mobile devices to infection.
In the latest Allot MobileTrends Report we explored the correlation between mobile apps and URLs usage and user potential for malware risk.
Compiled in partnership with Kaspersky, the study looked at 500,000 mobile users across a range of operating systems during the course of a week.
The results show that an individual’s behaviour is a significant, if not a decisive, indicator of malware risk.
These individuals were grouped together according to demographics to show level of risk compared to type of user.
Surprisingly, business people were observed as demonstrating the most risky online behaviour.
Nearly eight out of 10 businessmen and seven out of 10 businesswomen used apps that could potentially put their mobiles at risk.
The reasons for this are likely to be that work desktops and laptops are usually tightly locked down in relation to what can and can’t be accessed and downloaded.
Yet there are no such constraints on mobiles, which means that business people are free to choose any app or visit any website without the safety net of the office firewall.
The report also shows that roughly one in every 30 mobile browsing sessions and one in every seven mobile app sessions is potentially a backdoor for malware.
According to the research, the apps most likely to provide an access point on a mobile device for malicious software are those that allow sharing and access between devices with a more than 90 percent potential risk.
Browsing connected to financial transactions and interactions take three of the top four riskiest categories with gambling (77 percent), shopping/e-commerce (27 percent) and finance (7.3 percent).
Interestingly, in third place is URLs associated with navigation (14 percent), highlighting that any type of URL could pose a security threat.
Mobile users clearly need protection from online activity that could compromise their data security.
However, it is not enough to simply provide security on a per app basis as there will be always apps that will get through the net.
Further, such a response does nothing to protect users when browsing.
Instead, CSPs should look to provide blanket protection to their users so that all online activity is safeguarded, blocking or warning against the use of suspicious applications and sites.
Currently, according to estimates by Kaspersky, only around six in every 10 mobile devices are protected by an antivirus solution.
Such a shortfall presents a huge opportunity for CSPs to engage with certain high-risk demographics and monetise them with appropriate security.
This is a particular opportunity for CSPs, because stand-alone antivirus software relies upon the user to find and install their own application.
Often this can be the wrong type of protection, or it is installed or set up incorrectly or not at all by the user.
With a CSP anti-malware package targeted at specific demographics, those responsible for mobile usage can rest assured that all users and data are safe online.