Zero-day threats posing risk to businesses

Image: rvlsoft via iStock

The threat to mobile devices has increased as more people are using them and software has become more complex.

One of the most significant dangers to smartphones and tablets is the zero-day threat. This refers to a ‘hole’ in the device’s software that the manufacturer is unaware of. This flaw can then be exploited by hackers before the manufacturer and its development team find out about it and fix it.

Recently, Apple devices were targeted by a zero-day threat that had the power to remotely jailbreak devices and install sophisticated spyware on them. The threat was designed by a company selling a spyware product called Pegasus. It was only discovered when a victim alerted security researchers to a phishing text he was sent by hackers.

According to security Software as a Service (SaaS) firm Wandera, the iOS attack exploited three related zero-day vulnerabilities in iOS to effectively turn the victim’s iPhone into a spy gadget taking control of its microphone and camera for the purpose of snooping. The hackers would also have been able to record calls and log messages from mobile apps and track movements via GPS.

As workforces are becoming more mobile and hackers are getting more sophisticated, these threats need to be taken into consideration. When employees use their own devices to access work data, which in many cases may be sensitive information, the risk of it being compromised increases.

Attacks like the one directed at iOS devices are aimed at businesses, often for corporate espionage reasons. This means that companies need to be constantly alert to the risks around them.

However, there is a solution to the problem presented by zero-day threats. Arrow can offer business users protection from a huge range of malware and viruses. We can provide Wandera to clients, which works seamlessly with our mobile device management service to offer security to smartphones.