BOSTON--(BUSINESS WIRE)--Lookout, Inc., the data-centric cloud security company, issued the following statement regarding the European Union’s Digital Markets Act (DMA), gatekeepers’ obligations and what organizations can do to remain secure.
“While the European Union’s Digital Markets Act will help ensure fair competition and provide mobile users with more freedom of choice when it comes to accessing apps, it also presents a great deal of risk for those users and the companies for which they work. Striking a balance between user freedom and maintaining a secure ecosystem is crucial, and any potential changes should prioritize protecting user privacy and data security.
The introduction of sideloading – which is the process of installing an app from a source other than the device OS’s official app store – on iOS provides threat actors with additional avenues to exploit devices and the sensitive data they have access to. Your mobile device is your identity these days – by compromising it an attacker can take over all your accounts, even those protected by multi-factor authentication. Users may not understand that as they use their personal devices for work, sideloading apps can be risky since these apps might not be vetted with as much scrutiny, making them more likely to be laced with malware. The malicious apps could be used to track user activity, harvest personal data or even enable remote control of the device.
Attackers can count on people making mistakes when using their mobile devices, and because nobody's perfect, a small human error can lead to a big enterprise data breach opportunity. On iOS, we’re already seeing an increasing number of bad actors leverage social engineering, targeting a user’s mobile phone to steal credentials that provide legitimate access to critical corporate infrastructure and sensitive data as part of the modern cyber kill chain (examples include MGM, Caesars and Twilio). These latest changes will open up an additional avenue of app-based malware on iOS.
Defense against app-based iOS malware is something security teams are unprepared for. It's like a muscle that hasn't been flexed because it hasn't been a prominent issue. Now, all of a sudden, it's emerging as a new challenge that organizations will need to address. Security teams are already overwhelmed with an influx of attacks via vulnerabilities and stolen credentials, which makes it all the more important for organizations to plan for scenarios that involve compromised iOS devices, whether it be from app-based malware, social engineering, phishing, device compromise or vulnerable apps and operating systems.”
– David Richardson, Vice President, Endpoint and Threat Intelligence, Lookout
For more information on how Lookout helps organizations mitigate the risk of mobile data being leaked through apps, click here.
About Lookout
Lookout, Inc. is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack. Data is at the core of every organization, and our approach to cybersecurity is designed to protect that data within today’s evolving threat landscape no matter where or how it moves. People — and human behavior — are central to the challenge of protecting data, which is why organizations need total visibility into threats in real time. The Lookout Cloud Security Platform is purpose-built to stop modern breaches as swiftly as they unfold, from the first phishing text to the final cloud data extraction. We are trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and securely. To learn more, visit www.lookout.com and follow Lookout on our blog, LinkedIn and X.
© 2024 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design® and the Lookout multi-color/multi-shaded Wingspan Design® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, and the 4 Bar Shield Design.