How hackers are getting into our smartphones

Remember when a briefcase or a stack of paperwork left on a train or in a taxi would be in the daily news? Private data, secure notes and plans for changes in government or a major company could oh-so-easily fall into the hands of others. 

Shortly after, it was laptops. They’d be taken out of cars or public transport and, despite their size, they would be accidentally left on a seat with all that super-important information being available to all.

A lot of companies will now lock down laptops and will stress the importance of keeping data secure, away from the public and prying eyes.

Now, though, we have smartphones. They’re connected to the cloud and they can keep you in touch with your personal and work life all the time. Also, perhaps worryingly, a lot of companies are giving access into shared drives, or Google docs, for mobile workers. Larger companies can lock this access down with Enterprise email solutions or VPN access, but for many it’s a risk worth taking so that staff can communicate and work collaboratively from anywhere, any time.

It’s not just theft you have to worry about though. Locking your mobile screen and setting up the “remote wipe” is a good defence, but you also have to worry about hacks too. The recent ‘Gooligan’ malware attack revealed to us that mobile security breaches are well and truly alive, and more than 1.3 million Android users have been affected by the hack. Gooligan is one of the latest in a long line of smartphone hacks, and it sadly doesn’t look like this trend is stopping anytime soon. Smartphones are a goldmine for hackers and those wanting to steal your identity, with everything from banking information, birthdays, address details and private photos readily available.

I rely heavily on my phone and the Google Apps. I am, however a little lax when it comes to security. I’m perhaps the only person I know who doesn’t use a screen lock. Adi Sharabani, co-founder of mobile security company Skycure, recently told that..

At the end of the day, everything is hackable. What I am surprised about is that people sometimes forget that it’s so easy to hack into these devices.

So, what’s the solution? Throw away your smartphone and go back to using landlines, sending letters, reading physical maps, and taking pictures with a film camera? It’s certainly one way of doing it, but I doubt anyone would go down that road. Small businesses have the option to use reputable protection software that covers smartphones, tablets, Notebooks, and PCs, but for the individual, it can be as simple as practising basic online security methods. Those ones I’ve been too lazy to implement. Yes, I know, safety checks are boring (how often do you pay attention to those flight attendants before take-off), but if the alternative is your precious data in the hands of hackers or even the possibility of paying out ransomware demands, then hearing the odd security tip for your smartphone doesn’t seem so bad.

So what should you do to protect yourself? Well, turn on the screen lock for starters. It’s something I need to start doing, and is especially embarrassing when I find that my colleagues have picked up the phone and written emails – apparently from me. All very, very easy to do if you don’t lock it down.

Keep an eye on your public WiFi usage too. When your mobile data is low, these seem like brilliant solutions. On the bus, in a cafe, in a shop – if you see a free WiFi hotspot – perhaps question why it’s free. Blindly clicking on a “continue” screen to get online could mean that you miss the fact that you’re allowing access to your Facebook profile, or you’re side-loading some APK which can do some strange things to your phones.

Ahh yes, those malevolent apps. Stick to the Google Play / iTunes store, or another recognised and trusted mobile store. Don’t just randomly download something because it’s free (when you should be paying for it in the official store) or you have to drop your security settings. On a recent flight, I found that the entertainment was delivered via an app, and that could only be downloaded from the iTunes or Google Play store on the ground. Trouble is, once up in the air, the mobile network wasn’t available, so the airline made the APK downloadable over the on-board WiFi. This sets a dangerous precedent, because although we understand why they’ve done this, on Android you’ll need to allow side-loaded APKs onto your phone. This opens the door to future accidental clicks of apps, which will install without warnings.

Although things aren’t exactly this black and white, the success of smartphone hackers largely depends on our failures in protecting our devices; the desire for content can overshadow the risk of hacking. In short, pay attention to your phone’s warnings when connecting to public Wi-Fi, update your OS when prompted, and only download apps from the official stores.