#### *Data Integrity and Quality*

#### *Revealing Cyber Threat of Smart Mobile Devices within Digital Ecosystem: User Information… DOI: http://dx.doi.org/10.5772/intechopen.95752*

3. To discover the category, costs and impact of cyber threat incident on smart mobile devices

4. To propose a new framework approach to securing SMD

5. To ensure users have strong protection over their data and the type of cyber security required to combat cyber threats on SMD comparing with security standard.

*Structure of the study.*

This first section has outlined the background, significance of the study, the aims and objectives of the study as well as the limitations of the study. The rest of the paper is structured in the following way. The second section presents the literature review related to cyber threats and cyber security. The third section discusses the methods utilised in the collection of data. The fourth section discusses the survey findings and how they relate to SMD security. Finally, the last section covers the recommendation of a new framework as well as the conclusion.

### **2. Literature review**

The topic of cyber threats and cyber security on mobile devices has been greatly debated by various researchers around the world. This section therefore reviews the literature on cyber threats and cyber security in the context of mobile devices as follows:

• Related works

• Definition of a mobile device

• Cyber threats in mobile devices

• Cyber security in mobile devices

*Definition of a mobile device.*

A mobile device can only be defined when both its software and hardware aspects are explained together [3–5]. A mobile device usually has a small form with non-removable data storage and is equipped with an operating system that is distinctly different from the operating systems of laptops or desktops. A mobile device should be equipped with at least one wireless network interface, such as cellular network or Wi-Fi, for connectivity and communication. A mobile device should also be able to obtain and install applications in various ways, such as from app stores, websites or other third-party sources. Other common but optional features include the ability to connect to multiple wireless or area network interfaces and the ability to connect to real-time location services through the Global Positioning System (GPS). Further features include a microphone that allows voice to be recorded, a built-in camera that allows the mobile device to record or capture pictures, and removable data storage.

*Cyber threats in mobile devices.*

Mobile threats can be classified into four categories: (1) application-based threat, (2) physical threat, (3) network-based threat and (4) system-based threat. The first category is application-based threats. Outdated or unpatched third-party applications on mobile devices pose risks, as hackers may exploit the vulnerabilities within those applications. Users who are still using an old mobile device that lacks software updates, receives patches late or runs an older operating system for which support has ceased are at risk of being compromised by hackers through the holes within the software or the OS itself [4, 6, 7]. Additionally, application-based threats consist of (a) Malware, (b) Spyware, (c) Privacy threats and (d) Vulnerable applications.

a. Malware refers to malicious software that is operated by hackers to obtain access to a mobile device and perform illegal criminal activities. It requires the hacker to install malware on the mobile device through many devious ways that are very difficult to track or trace. Malware could be used to alter or execute actions without the owner's permission, such as sending sudden text messages to contacts, charging phone bills or acquiring successful control over the mobile device.

b. Spyware is a program used by hackers which utilises private or confidential data without consent for illicit motives. It usually targets sensitive information such as the owner's list of contacts, phone call records, text messages, real-time location, gallery images, browser history and email addresses.

c. Privacy threat could occur when hackers alter or erase the mobile device's data using software applications that are not somewhat program codes. The sensitive data within the mobile device are visible to the attacker and can easily be exploited for different purposes that are ill-natured.

d. Vulnerable application refers to applications that have holes that could be exploited by hackers to sneak into the mobile device and gain full control over it. Once control over the mobile device is established, hackers can easily acquire personal or sensitive information and execute unfavourable activities against the user's will, such as rendering certain services useless and force-downloading unknown applications without authorization.

The second category is physical threat. The authors refer to physical threat as a security incident in which a mobile device is stolen or lost. Mobile devices have a greater chance of being lost or stolen than laptops because they are small, lightweight and easy to carry, which makes them the perfect target for attackers. An attacker who has successfully obtained physical access to a mobile device will proceed with other malicious activities that are conducted from the attacker's computer. The mobile device will display an image of a malicious system that is trying to install harmful software or attempting data extraction. It was further added that mobile devices could be misused by attackers in several ways, such as creating a fake identity using the personal information contained in the mobile device or selling sensitive or confidential data on the black market for profit [7, 8].

The third category is network-based threats. Most mobile devices used by consumers are connected to wireless network interfaces such as Wi-Fi or Bluetooth, and the use of these network interfaces carries certain risks. It makes mobile devices vulnerable to malicious activities such as wireless eavesdropping performed using off-the-shelf software such as Aircrack-ng Suite or Wifite. Attackers could exploit the network to plant malware on mobile devices unnoticeably whenever a mobile device is connected to a wireless or cellular network. Once the malware has been installed, it gives attackers free access to the mobile device, allowing them to modify or extract any confidential or sensitive information within it. Attackers can also use Wi-Fi sniffing to conduct criminal activities by reading, monitoring or altering any unencrypted data travelling in the same network [9–11]. Mobile device manufacturers introduce unintentional flaws or vulnerabilities into their own devices, such as the incident with Samsung's Android SwiftKey keyboard, which was discovered to be susceptible to eavesdropping attempts. A similar incident occurred with Apple devices, specifically the iPhone's Operating System (iOS), where the "No iOS Zone" flaw causes any iOS devices within range to automatically connect to a malicious fabricated network and constantly crashes those devices. In addition, web-based threats are threats that involve the user's interaction with online services through the Internet, which can be divided into smaller categories: (a) Phishing scams, (b) Drive-by downloads and (c) Browser exploit [5, 8, 12, 13].

a. Phishing scams happen when users are sent, through email, text messages or social media, links that appear to originate from a legitimate company or organisation when in reality it is a scam. The main purpose is to trick users, individuals or organisations, into disclosing sensitive or confidential information such as debit/credit card numbers or passwords.

b. Drive-by downloads occur when a hacker obtains illegal access to a mobile device as a result of a user opening a web page or clicking on a link found on a website. It will then trigger an automatic download of malicious applications that wasn't consented to by the user.

c. Browser exploit is described as a devastating code that allows hackers to exploit the unsecured data within the mobile operating system. It could also be described as malicious software that aims to alter a mobile browser's settings without any consent and that is usually triggered when a user has visited unsafe websites.

Another research classifies cyber threats into two different aspects, which are the technical aspect and the management aspect of mobile security. The technical aspect of mobile device cyber threat is quite similar to what was described by previous researchers, consisting of device security threats, network security threats, services security threats and content security threats. However, one factor that wasn't touched on in the two previous research works but was present in this one concerns the management aspect of cyber threat in mobile devices [1, 14, 15].

The management aspect of mobile device cyber threat studies the threats that are associated with the security policy of mobile devices, which can be broken down into three categories, namely (a) application distribution environment security threat, (b) law institutional security threat and (c) domestic and foreign enterprise environment security threat.

*Cyber security in mobile devices.*

However, the study revealed measures that users may undertake in order to protect the personal data stored on their mobile device [16–18]. One of them is using password or PIN lock features to ensure that only the user can access the device and to prevent outsiders from accessing it. Also, users should only connect their mobile device to wireless networks that are protected by a password and avoid connecting the device to public networks, as public networks raise the chances of the user being compromised. Users who have Bluetooth enabled on their devices should set it to non-discoverable so that attackers will not be able to sneak in and steal the user's sensitive data, and the user's contact number should never be revealed easily to other people as it might be used to execute ill-intent activities.

Basic steps that users can exercise to protect their mobile devices from cyber threats are (1) Regular or prompt update of operating system, (2) Device rooting or jailbreaking prevention, (3) Mobile applications management and (4) Mobile antivirus.

1. Regular or prompt update of operating system - When mobile devices run on an outdated operating system (OS) such as Android or iOS, these devices are much more vulnerable to cyber attacks, such as the entry of malicious applications into the mobile device. This situation could have been prevented if the latest operating system had been updated on time and without delay.

2. Device rooting or jailbreaking prevention - When users decide to root or jailbreak the operating system on their mobile device for personal reasons, they should remind themselves of the gravity and consequences of doing so, because from that moment the responsibility for the privacy and security of their mobile device is transferred from the developers to the users themselves. Users should also be informed that cyber threats such as spyware are more likely to target devices that are rooted or jailbroken.

3. Mobile applications management - Users should install mobile applications from trusted and secure sources such as Apple store or Google store and avoid installing from untrusted sites on the internet. By downloading applications from trusted sources, users do not need to worry about security, as the applications are scanned for any vulnerabilities before being installed and the installed applications will automatically be updated to fix any vulnerabilities in the future.

4. Mobile antivirus - Installing a mobile antivirus may seem ineffective for Apple devices, as Apple ensures that it does not allow any application to gain the permissions it would need to do damage. It may seem redundant to install a mobile antivirus on Android devices, as Android restricts app installation from sources other than Google store, but for users who tend to install applications from outside sources, an antivirus will protect the device to some extent from unknown threats originating from the installed applications.

Moreover, a set of security solutions was proposed that can be implemented by organisations and enterprises to manage mobile device security [19–22]. The first solution is creating a general policy that includes restrictions on the use of mobile devices within the organisation, such as restrictions on user and application access to tools and hardware, such as cameras and removable storage such as USB flash drives and hard disk drives (HDD), as well as to local OS services, for instance the inbuilt email, web browser, contacts and calendars. The policy also includes guidelines on the management of wireless networks such as Wi-Fi or Bluetooth, and additionally limits personnel's access to the organisation's services based on the mobile device's brand, model, software client version and OS status (ensuring the device is not rooted or jailbroken). Any suspicious actions will be monitored, detected and reported back to the management, and once it has been found that the actions have violated the general policy, further actions and reprimand will automatically take place accordingly.

The second solution concerns data storage and communication within the organisation. The management should strongly encrypt the organisation's confidential data held in built-in storage as well as on removable media, and any device that will be reissued to other personnel must first be wiped to clear the data previously stored on it. Additionally, if any of the organisation's devices is assumed to be lost or stolen by unknown instigators who cannot be trusted, the management should initiate a remote wipe on the device to prevent confidential information from being harvested by malicious attackers [16, 23–25]. Another way to prevent the mobile device from being accessed illegally is to configure devices with a wipe feature that automatically factory-resets all the data on the device after it detects several failed authentication attempts. The organisation should also aim for secure data communication between the organisation and mobile devices by encrypting it using a Virtual Private Network (VPN) or other encryption tools that suit its needs.

The third solution is based on device and user authentication. A user authentication step should be implemented before any personnel can access the organisation's data and resources, which could take the form of a password or other forms of authentication such as token-based or domain authentication. The organisation should also define parameters for password characters, password length and the maximum number of retries allowed before the device is locked out or wiped. In cases where a user has requested a password reset or has been locked out of the mobile device, the administrator should be able to restore the user's access to it remotely. Any device that is suspected of being accessed in an unsecured location should be remotely locked under the supervision of the administrator, and any device that is inactive for a certain period of time should be locked automatically by the device itself.

The final solution involves restrictions on various aspects of mobile applications. The management should restrict the list of app stores that personnel can access to download mobile applications, or instead issue applications from a chosen application store. In addition, the installation of certain applications should be restricted through whitelisting and blacklisting. There should also be a restriction on which parts of the device an application is permitted to access, such as storage or the camera. The digital signatures found in applications should be verified to ensure that the applications installed are from a safe and trusted source and that the code wasn't altered in any way.
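The four organisational solutions above can be read as a device-compliance check that gates access to the organisation's services. The following is an added example, not code from the chapter or from any MDM product; all field names, thresholds, package names and sample devices are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class App:
    package: str
    store: str                # where the app was installed from
    signature_valid: bool     # outcome of verifying the app's digital signature
    permissions: frozenset = frozenset()

@dataclass(frozen=True)
class Device:
    model: str
    os_version: tuple         # e.g. (14, 1)
    rooted: bool              # rooted or jailbroken
    storage_encrypted: bool   # built-in and removable storage
    vpn_enabled: bool
    password_length: int
    wipe_after_failures: int  # 0 = auto-wipe on failed logins is off
    idle_lock_seconds: int    # 0 = device never locks itself
    apps: tuple = ()

@dataclass(frozen=True)
class Policy:                 # every value here is an assumed example value
    allowed_models: frozenset = frozenset({"PhoneA", "PhoneB"})
    min_os_version: tuple = (13, 0)
    min_password_length: int = 8
    max_failures_before_wipe: int = 10
    max_idle_lock_seconds: int = 300
    allowed_stores: frozenset = frozenset({"corp-store"})
    app_whitelist: frozenset = frozenset({"com.example.mail", "com.example.vpn"})
    app_blacklist: frozenset = frozenset({"com.example.sideload"})
    allowed_permissions: frozenset = frozenset({"network", "storage"})

def check_device(d, p):
    """First three solutions: general policy, data protection, authentication."""
    rules = [
        (d.model not in p.allowed_models, "general: device model not approved"),
        (d.os_version < p.min_os_version, "general: OS version below minimum"),
        (d.rooted, "general: device is rooted or jailbroken"),
        (not d.storage_encrypted, "data: storage not encrypted"),
        (not d.vpn_enabled, "data: no VPN for organisation traffic"),
        (d.password_length < p.min_password_length, "auth: password too short"),
        # A disabled feature (0) must fail, not pass as "below the maximum".
        (not 0 < d.wipe_after_failures <= p.max_failures_before_wipe,
         "auth: failed-attempt wipe off or threshold too high"),
        (not 0 < d.idle_lock_seconds <= p.max_idle_lock_seconds,
         "auth: idle lock off or timeout too long"),
    ]
    return [msg for failed, msg in rules if failed]

def check_apps(d, p):
    """Final solution: store, whitelist/blacklist, access and signature checks."""
    v = []
    for a in d.apps:
        if a.package in p.app_blacklist:       # blacklist wins over everything
            v.append(f"apps: {a.package} is blacklisted")
            continue
        if a.package not in p.app_whitelist:
            v.append(f"apps: {a.package} is not whitelisted")
        if a.store not in p.allowed_stores:
            v.append(f"apps: {a.package} came from unapproved store {a.store}")
        if not a.signature_valid:
            v.append(f"apps: {a.package} failed signature verification")
        extra = sorted(a.permissions - p.allowed_permissions)
        if extra:
            v.append(f"apps: {a.package} requests disallowed access: {', '.join(extra)}")
    return v

def evaluate(d, p=Policy()):
    v = check_device(d, p) + check_apps(d, p)
    return {"access": "deny" if v else "allow", "violations": v}

# Constructed sample devices.
COMPLIANT = Device("PhoneA", (14, 1), False, True, True, 10, 5, 120,
                   (App("com.example.mail", "corp-store", True, frozenset({"network"})),))
RISKY = Device("PhoneB", (12, 4), True, True, False, 4, 0, 900,
               (App("com.example.sideload", "web", False),
                App("com.example.mail", "corp-store", True, frozenset({"camera", "network"}))))

if __name__ == "__main__":
    for name, dev in (("COMPLIANT", COMPLIANT), ("RISKY", RISKY)):
        print(name, evaluate(dev))
```

The list of violations, rather than a bare allow/deny, is what the first solution's monitoring and reporting step would forward to the management.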

### **3. Methodology**

The questionnaire method, an evaluation method that has been utilised by countless researchers to obtain research data, was implemented in this study. A random sampling method was also chosen and implemented as the method of collecting the research data. The questionnaires focus on the topic of cyber threats, cyber security and their relationship with SMD. Through the random sampling method, a set of questionnaires was distributed over approximately three months to the targeted group of respondents. Other platforms as well as social media, such as WhatsApp and Instagram, were also utilised to distribute the online survey. The target respondents of this study are particularly the youths, which strictly includes generation-Z. This particular group of respondents was chosen as they represent the majority of mobile device users that are technologically literate. A variety of respondents of different gender, background and educational level took part in the study. A total of 109 respondents participated in the online questionnaire, where almost all of the respondents are within the age range of 20–29 years old, which matches the targeted group of respondents previously mentioned.

### **4. Findings and analysis**

The data analysis will be made according to each of the sections that were created within the survey questionnaire as follows:

• Demographics

• General section

• Knowledge and Attitude towards mobile security

• Password security

• Personal security

• Application security

• Email and Account security

*Demographics.*

In this section, the questions asked the respondents about their gender, their age group, their current status as well as their present educational level.

Referring to **Figure 4**, out of 114 respondents that participated in the survey, 67.5% are female and 32.5% are male, highlighting that a majority of the respondents are female. Looking at the age range of the respondents who answered the survey questions, a large number of them are within the age range of 20–29 years old, which accounts for a high 83.3% of total respondents. The rest of the respondents come from two other age groups, where 15.8% of the respondents are aged below 18 years old while the remaining percentage are within the age group of 30–39 years old.

**Figure 4.** *Respondents demographic.*
