Skip to main content

All enterprises have at least one mobile malware infection

A new report focusing on malware in the enterprise, finds that large organisations (those with more than 200 iOS or Android mobile devices) are almost guaranteed to have at least one malware-infected device.

The report, by mobile threat defense firm Skycure, finds that four per cent of all mobile devices have malware installed, regardless of whether they are managed by an enterprise or an individual.

Among the detailed findings are that three percent of all enterprise iOS devices have malware installed, and nearly twice as many (5.7 per cent) of all enterprise Android devices are infected. Android devices have a greater variety of malware too. Total Android malware consists of 76 per cent unique varieties, while only 22 per cent of all installed iOS malware was unique.

On average, the study finds that enterprises have more than three unique varieties of malware. Mobile ransomware continues to increase, with screen-lock ransomware as the most prevalent. However, crypto-ransomware, where content is unrecoverable even if the user is able to access their files, is growing in popularity.

"Malware absolutely exists on enterprise mobile devices and standardising on iOS doesn’t make you safe," says Yair Amit, CTO of Skycure. "Unlike the nuisance malware of the past that targeted only consumers, today's malware is smarter, and often more focused on businesses. We have seen recent attacks that have been specifically designed to circumvent two-factor authentication. Smartphones make excellent reconnaissance tools because they are able to track a user’s conversations and movements twenty-four seven. That means malware can target specific individuals for access to valuable personal and corporate information".

One in five (19 per cent) enterprise Android devices still allows app installation from third-party stores, despite a system-level setting being available to turn off this feature. This is a problem because third-party app stores are much more likely to deliver malware.

Although the report focuses on malware, it notes that it's only one of the mobile threats facing enterprises. In fact, network incidents happen five times more often than malware incidents. The report finds that of all the incidents detected, 70 per cent were network-based compared to only 13 per cent malware-based.

Image Credit: DeiMosz / Shutterstock