In the midst of increasing data protection woes, new reports suggest that the biggest mobile device software services – Android and iOS – are both leaking huge amounts of data.
Not that it matters more, as both are perpetrators of the leaking data, but iOS applications are said to be leaking considerably more when compared with Android.
But both systems leaking data is bad enough!
Scale of data leak
The greatest cause for concern here is that mobile devices are used by practically everyone. Did you know that, reportedly, one in five people in the entire world own a smartphone, meaning the scale of these leaks could be affecting billions of people.
The issue is not limited to personal users of course; mobile devices are also used by businesses of all sizes where even the smallest leak of data could have potentially devastating consequences.
A leak could cause further hacks and be crippling for organisations.
Types of data leaked
It’s not just personal data that users should be wary about – it’s also other data like metadata that can be used for further cyber hacking.
Applications need access to different parts of your mobile device. Zscaler, a cloud security web provider, comments that there are three categories in which applications can leak data. These categories are device metadata, location data, and personally identifiable information. You may think, as did I, that personally identifiable information may be the category that is at most risk. But it actually transpires that it only amounts to 3% of leaks on Android devices, and less than 1% on iOS devices, which are very small percentages. The majority of leaks are said to be from metadata, which contains unique identifying information. The statistics show 72% for iOS and 58% for Android.
Where is data leaked the most?
The geographic location of the leaks is interesting to note.
The country that leaked the vast majority of data from IOS devices was China, with an enormous figure of 70%. The country that leaked the majority of data from Android devices was from the U.S. with around half of the country affected, and a good proportion of Brits are affected too.
Deadly DoS attacks
These categories of private data can leave users vulnerable to targeted denial of service (DoS) attacks, phishing scams, and physical tracking. DoS attacks overpower servers with requests and excessive spam, which leads to a bottleneck kind of scenario, blocking users’ access. With that much pressure on the server, it’s unable to complete any of the requests and, effectively, the hackers seek to make a network unavailable.
This was seen very recently where Dyn, a DNS service provider, became the victim of a monumental DoS attack which led to many people losing internet connections and access to well-known sites like Twitter, Netflix, Amazon, and Paypal.
Role of companies
It’s crucial that organisations and technology companies review their security and DoS mitigation processes for their own company, as well as for the safety and interests of the public. The importance of this is becoming more and more apparent: as the digital age continues to grow, so do the risks of cyberattacks.
Prevention methods and mitigation procedures should be reviewed with scrutiny, and where there is a lack of such measures, they should be quickly implemented. According to an IBM report, half of mobile application developers do not allocate any money to test for security flaws. With that in mind, no one can rely on anyone else to keep data secure, so we all must all take action it seems.