Well, here are now into mid-July. I can’t believe that the time is going by so fast. Heck, pretty soon it will be time for Christmas!!! But anyways, COVID19 still remains to be a prevalent threat not only to the United States, but also to the rest of the world as well.
At this point, as many businesses started to reopen, the thought was that the total number of incidents of this virus would go down. But in fact, it has gone up sharply, to even unexpected and unprecedented levels.
Because of this, it seems like that the Remote Workforce model is going to be with us for quite some time yet to come. From the people that I have talked to, their companies have mandated that they nobody can return to the office until at least the start of 2021. WOW.
As a result, the Cyberattacks are only going to get worse, and in higher numbers. Whatever you see or read in the news with regards to this, multiply it by a factor of 10X.
So, Cybersecurity will be on the minds of everybody, especially when it comes to securing the devices that employees work on. In many instances, the Remote Workforce is still probably using their own personal devices, and even using their own Smartphones when they really shouldn’t be. But how do you know if your Smartphone has been really hacked into? Here are some of the telltale signs:
*Your battery goes down after a very short time period:
Normally, the battery on your Smartphone should last a very long time (especially if it is a brand new one). The only times that really your battery should drain quickly is when of you are doing a lot things with it, especially watching videos or using a lot of mobile apps all at once; or if you have a really old Smartphone like I do. Barring these circumstances, if your battery power all of a sudden drop for no apparent reason, then you have cause to worry that perhaps a hacker has made his or her way into your Smartphone. You should be able to do a scan of all of the processes that are running on your Smartphone, and from there, delete those apps that are consuming a lot of CPU resources. But even then, you should still have your device checked to see if there is any hidden Malware that could be covertly draining your battery power as well.
*Your mobile apps are doing things that it shouldn’t be:
Typically, when you first download a mobile app, it should only do what you want it to do to, and not anymore. For example, if you find that all of a sudden it is encroaching on your other applications when it should not be, then you need to check the level of permissions that you have given it. In other words, a mobile app should not receive text messages, or even process incoming phone calls unless you have given the explicit permissions for it do so. So in this regard, double check all of your mobile apps just to make sure that they are not given 100% full permissions. You may not have set up that way, but if a Cyberattacker has made their way into your device, they may have reset the permission level to full in order to get root access to your Smartphone.
*Receiving unexpected text messages:
Heck, at this point we are all used to receiving Phishing Emails, right? Well don’t let your guard down. The Cyberattacker of today is now resorting to a newer attack vector called “Smishing”. This is when you get Phishing messages via text, just like you have been in your Email inbox. But the key difference here is that with an SMS message, it is far more difficult to tell if it is for real or not-because it is just a text message, without giving away any other visual cues, like a Phishing Email. But these “Smishing” based campaigns just don’t send a malicious link over; rather, they can also send an attachment that you will probably be very tempted to open. BUT DON’T DO THAT!!! Keep your guard up. If you receive a text message, and if it looks suspicious or you are not expecting it, then simply delete. The same is true of “Robocalls”. Never pick up the phone if you don’t recognize the number. If it is important, the other party can always leave a message.
*You see a sudden spike in data usage:
This is just the opposite of the quick battery drain. If, all of a sudden you see that your data has increased dramatically for no real apparent reason, then there is a good chance that the Cyberattacker is either trying to deploy more malicious payload or if there is already Malware in your device, that could even be communicating with the device of the Cyberattacker as they are more than likely trying to gain access to your Personal Identifiable Information (PII) on your Smartphone. But keep in mind that quick battery consumption and huge spike in data usage could also potentially mean something else: The Cyberattacker has heisted your Smartphone to launch Cryptojacking style attacks. In other words, they are trying to illegally mine for Virtual Currencies, such as that of Bitcoin.
*Your passwords all of a sudden don’t work:
Yes, we have heard that story who knows how many times to keep resetting your password, and to help you to do this, to make use of what is known as a “Password Manager”. But guess what? If all of a sudden you find that your password or PIN number does not work anymore, then most likely a Cyberattacker has changed them for you. True, you can always try to change it, but even if you do that, it can always be changed again by them. In this case, you are probably much better off just junking your infected Smartphone and get a brand new one, but keeping in mind that you should be, on a regular basis, putting in on all of the software patches and upgrades (it’s not nearly as bad as Windows 10).
*The Cyberattacker hardly leaves a noticeable trail these days:
Keep in mind that the Cyberattacker barely leaves a noticeable trace these of their footsteps. But keep in mind, there is always a trail of evidence that is left behind, no matter how obscure it may be. Thus, in this regard, it is probably a good idea from time to time to take your wireless device to the Geek Squat and have them run a complete diagnostics and examination to see if there is indeed any hidden Malware on it, and to purge them on the spot. It could perhaps cost a $100 or so to do this, but the peace of mind far outweighs the costs.
My Thoughts On This
It is important to note that the most common threat vectors to a mobile device are as follows:
*Remote Access Tools (aka “RATs”);
*Advertising Click Fraud.
The same lines of defenses that you can use to protect your Smartphone also apply to your computer, so there is no need to repeat them here. A simple Google search can reveal all that you need to know. But keep in mind this one caveat: Be careful of where you actually download your mobile apps from.
For example, Apple always very carefully vets any new mobile apps before they are allowed to be uploaded to their store. In fact, the software developer(s) that has developed the mobile app on question even has to submit detailed documentation as to how they tested their source code prior to launch in the production environment.
Whereas Google does not do this as rigorously. Very often there are backdoors that are left behind from which the Cyberattacker can break through the source code in the mobile app. So always try to do your due diligence, and even do a Google search to see if the mobile app you want to download has received good reviews or not. Anything that is negative, keep that in mind as a red flag.