Over 190,000 mobile phones are lost in London taxis each year, in what ESET refers to as a technology “black hole”. A survey by ESNET involving 300 cab drivers, found out that an average taxi driver in London discovered approximately eight forgotten mobile phones in the back of their cabs each year. Majority of the devices are not protected by any pin or password, leaving them vulnerable to cyber -attackers
The survey showed that people were yet to take cybercrime as a serious security threat. “Despite the huge publicity cybercrime receives in the media today, consumers still do not see themselves as a real target. This is naive and wrong. Cybercriminals are well aware of the fact that our mobiles contain connections to corporate networks and sensitive information and they will take advantage of this,” said Mark James, a security specialist at ESET. “Consumers should as an absolute minimum use a password to protect their device in case it is ever lost, however a good security posture would include encryption and a remote wipe facility.”
Misplacing a mobile device nowadays, is more than just losing phone numbers. People use their mobile devices for to access almost all services, including online banking and making tax returns. According to Neil Munroe, a Director of External Affairs at Equifax, “People now have PINs, passwords and email addresses on them,” he said. “This gives fraudsters a good start to begin phishing.”
Fraud experts warn that mobile device could be a source of crucial information to criminals and hackers. Devices such as smartphones, Mp3 players and memory sticks could store tens of thousands of document and files, and millions of contact and email, making them a priority target for criminals.
“If such a device gets into the wrong hands of a criminal, hacker or opportunist, losing it could have serious implications,” Said Michael Callan, chief Marketing officer a Equifax. “Our advice is always encrypt it and password protect it to stop it ever being accessed by anyone other than yourself.”
With the advent of BYOD (bring your own device) in the Corporate landscape, losing a mobile device could also have serious implications on the employer. “With the ever-shrinking boundaries between work devices and work-enabled personal devices, lost or stolen smartphones and other mobile devices that fall into the wrong hands place companies and business data at tremendous risk.” said Gregory Webb, Venafi Vice President of Marketing.
Organizations whose employees have a wide access to corporate data using mobile devices, should have sounds polices and devices management systems, to safeguard sensitive information. Chris Mayers a chief security architect at Citrix– an applications delivery firm, warns that Business should be more cautious about the sensitive data employees carry outside the office. People should also avoid carrying “unnecessary sensitive” data on their mobile devices.
“In many cases that data doesn’t even need to travel. Laptops don’t need to contain sensitive data,” said Mayers.”Print-outs don’t need to be ferried from pillar to post, yet it seems too many people regard sensitive data with the same careless regard they have for their umbrella.”
The survey indicated that losing your device in a cab was much safer, than losing it elsewhere, with 80% of taxi drivers returning the misplaced devices. Mr. James however warns that not all people are honest, so you should make it a priority to safeguard your devices.
“I imagine the majority of people who find a phone will actually have a look around and see if there is anything of any interest or value to be found. What people need to start asking themselves is – could any of the data held on my mobile compromise me either personally or professionally if it fell into the wrong hands? If the answer is yes, which I expect it will be, then security on your mobile device must be a priority, not an afterthought.”
London has been host to several high profile data–loss cases in the past, allegedly due to misplaced devices. In November Last year, a USB memory stick from the country’s Adult and Community Service community was misplaced. It had internal memos and copies of e-mails about forthcoming projects – and it also had tables containing the names of clients.
In other similar incident, a memory stick- holding passwords for a government computer system – was found in the car park of a pub in Staffordshire. The password for the Gateway website gives access to sensitive information including, tax returns and child benefits.
In 2009 the government confirmed losing hard drive holding details of up to 5,000 employees of the justice system. The hard drive contained data of employees of the National Offender Management Service in England and Wales, including prison staff.
Interestingly, people do not only forget their phones, other items that turned up in the back of taxis included £100,000 in stocks and bonds, a dog, 400 packets of Jelly and a NATO Chief’s briefcase. Drivers also discovered strange things such as 12 dead pheasants, and a casket of funeral ashes.