WFH leads to surge in mobile phishing and malware attacks targeting pharmaceuticals companies

Analysis by cybersecurity researchers at Lookout says cyberattacks targeting mobile devices have more than doubled as hackers look to take advantage of remote workers.
Written by Danny Palmer, Senior Writer

Cyber criminals are increasingly going after the pharmaceuticals industry by targeting employees with phishing and malware campaigns tailored to take advantage of potential security vulnerabilities in smartphones and tablets.

Pharmaceuticals is an extremely high-profile target right now, as drug companies attempt to develop a vaccine for COVID-19 and there have already been several recorded instances of nation-state-backed hacking campaigns attempting to steal intellectual property from medical research institutions.

And researchers at mobile cybersecurity company Lookout say there's been a spike in mobile phishing attacks targeting pharmaceutical employees over the course of this year as cyber criminals attempt to gain access to sensitive data.

SEE: Cybersecurity: Do these ten things to keep your networks secure from hackers

The company analyses security telemetry from almost 200 million mobile devices and over 125 million mobile apps from across its customer base: the claim comes following analysis of de-identified and aggregated data from Lookout customers in the pharmaceutical industry. 

According to the report, one of the reasons for the rise in attacks targeting mobile devices is because of the shift to remote working as a result of the coronavirus pandemic – meaning employees suddenly became more reliant on mobile devices to be productive while working from home.

While email remains the most common avenue for phishing attacks, the wide variety of messaging apps and social media platforms people use on their smartphones provide hackers with a number of different options for delivering tailored messages and malicious links.

"Since most of us use personal mobile devices for work, attackers can socially engineer us using countless channels, such as SMS, iMessage, 3rd party messaging platforms, and social media platforms," Hank Schless, senior manager of security solutions at Lookout, told ZDNet.

"The attacker can tailor their phishing message depending on which of these options they decide to use. Since we have our mobile device on us all the time, we also tend to trust messages that are sent to them, which makes mobile phishing attacks more effective," he added.

In many cases, the aim of phishing attacks is credential harvesting, with the attacker looking to trick a victim into handing over their username and password. With this, the cyber criminal can log in as the employee and move around the network infrastructure in an effort to find and steal sensitive data.

Hackers are also targeting smartphones and tablets of people working in pharmaceuticals in an effort to deliver malware – something researchers at Lookout say has more than doubled this year.

These attacks attempt to trick the victim into downloading malware onto their device, which then allows the attacker to secretly monitor the device in the background, snooping on the activity of the user and enabling attackers to gain access to files and storage drives.

"In pharma, mobile devices are used across the entire supply chain from research and development to trialling and all the way to manufacturing and distribution. With so much proprietary data being stored in cloud services and accessed through smartphones and tablets, a successful exploitation could lead to serious legal and compliance-related ramifications for the company," said Schless.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)  

Forms of malware that attackers are attempting to deliver include Monokle, SilkBean and Wroba trojan.

One of the reasons why malware is proving to be effective against mobile devices is because a significant number of users continue to use out-of-date operating systems.

Applying operation system updates and security patches goes a long way to protecting users against malicious attacks but organisations and individual users often don't do this swiftly, potentially enabling hackers to exploit known vulnerabilities that have security fixes.

In order to help protect employees – and, therefore, the whole organisation – from falling victim to hackers targeting smartphones, security updates for mobile devices should be treated as if they're traditional endpoints and should be applied as quickly as possible.
"To fully secure your pharmaceutical workforce, mobile devices need to be included in your overall security strategy," said Schless.


Editorial standards