RESEARCH BLOG

Is your smartphone secure?

Smartphone ownership is no longer a luxury afforded only to the rich. With the Pew Research Center having found that American smartphone ownership grew from 35 percent in 2011 to 68 percent in 2015, it's clear that people are rapidly seeing the benefits of these handy gadgets. However, with this rise in popularity comes the risk of a cyber attack.

Hackers know that users store and transmit a lot of personal data with their phones, and they also know people often don't protect their own devices. But what do these hacks look like, and what can consumers do to protect their smartphones? 

"Smartphones are easily stolen or lost."

Physical theft is a problem

One of the biggest weaknesses of smartphone security has to do with the device's best feature: mobility. Smartphones are designed to be movable, which means they're also easily stolen or lost. In fact, a study conducted by Kensington found that around 70 million smartphones are either stolen or left behind annually. What's more, 93 percent never find their way back to their rightful owner. 

While having to replace your smartphone is certainly a pain, the real issue here is that a skilled hacker might be able to access the data on your device if you don't protect it properly. Hack Cave published a few methods for bypassing an Android's password screen, which means allowing your smartphone to fall into the hands of a knowledgeable criminal could very well end in a breach of your private information. 

A smartphone is a computer

The other issue with current smartphone security is the fact that many users don't seem to view their devices as computers. Users know their phones have the same capabilities as a desktop, but they often forget that this means smartphones have similar vulnerabilities. This usually translates to risky Internet surfing behavior, which hackers exploit to their advantage. 

A smartphone is just a smaller computer, with similar vulnerabilities. Users often forget their phone can be hacked like a computer.

A perfect example of this is the Stagefright exploit on Android devices that's been named Metaphor. This hack begins with a criminal getting the target to visit a compromised website, according to The Hacker News contributor Swati Khandelwal. This site will have a video containing malicious code that forces the device to crash, thereby sending information to the hacker about the phone.

After a few more steps, the criminal can send another malware-infested video file that will allow him to monitor the victim's activity. This technique works on Android versions 2.2 ­to 4.0 and 5.0 to 5.1, which includes millions of devices. Google has been working to fix vulnerabilities such as this, but many people don't update their phones' software enough to receive these patches.

What's a user to do?

Clearly, hackers pose a very real threat to smartphone security. That said, there are a few steps users can take to massively increase their ability to fight off an attack. First and foremost, people need to be mindful about their devices, both in the physical world and on the Internet. Leaving a smartphone on the bus can be just as dangerous as clicking links from an unknown email account, so users should endeavor to think through their actions.

This also means keeping up with software updates, as these often plug vulnerabilities that hackers like to exploit. After that, it's important to invest in solid cyber security software for your mobile device that can help you avoid risky websites. Your smartphone deserves just as much security as your home computer does, and protecting it against cyber attacks could very well save you the headache of dealing with the breaching of your private information.