Check Point Study Says Mobile apps Have Exposed Data

Check Point Research released findings on 2113 mobile apps which exposed user data via cloud misconfigurations. Check Point Research has warned that bad practices in cloud-based applications could lead to serious security breaches, exposing chat messages, personal information, token IDs, data from crypto exchanges and more.

Saumitra Das, CTO and Co-Founder, Blue Hexagon had this to say:

 “Many mobile applications are built by small teams and startups that almost universally use public cloud-based backend for speed of development and deployment. The lack of security teams and the complexity of cloud deployments can further exacerbate the chance of a data breach due to cloud misconfigurations. Dealing with cloud misconfigurations is challenging even for large mature security organizations so it is even more likely to affect the smaller teams that are typically involved with mobile app development.”

Chris Olson, CEO, The Media Trust added:

“Mobile app breaches caused by back-end misconfigurations have become an all-too-common occurrence. It’s not the only part of the development process that can cause security issues either: app developers regularly use unsafe third-party code that may collect and share user data in unsafe ways that are susceptible to attack.”

“These facts are particularly concerning, given that today’s cyber actors are increasingly targeting organizations and their employees through digital surfaces like websites and mobile apps. Both have often been overlooked as a source of cybersecurity risk – but that is an oversight with dangerous ramifications.”

Finally, Aimei Wei, CTO and Founder, Stellar Cyber had this to say:

“It is crucial that security consideration be taken as an integral part of almost every software application development. Cyber security issue may not only lead to business impact or financial impact, it could also lead to physical security risks. As shown in this research paper, mobile applications can leak critical user data via cloud misconfiguration. If user’s location coordinates data are leaked, that can be used to track people and put them at risk in a physical world. It is imperative that application providers implement security practices and leverage security solutions to ensure the user data is secure.”

The days of Facebook like app development, meaning get it done fast and get it out the door are over. Anyone who makes an app needs to make sure that they get the security right. And what would really help that if there was legislation that was in place that punished those who didn’t get it right. Because consumers deserve better.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: