We recently released a study that shows cyber-crime is concentrated in areas of high traffic, particularly the world’s top tourist destinations such as those identified by Travel & Leisure —including Times Square, Disneyland Parks and Union Station in Washington, D.C. Skycure Research Labs found that SSL decryption was the most common type of attack at these hot destinations—with Android devices having a 2X higher monthly likelihood of a network exposure compared to iOS devices.
As the leading provider of proactive mobile threat defense, Skycure collects data lakes of threat intelligence about the multiple layers of mobility—including device-level, app-level and network-level intelligence, which is beyond the reach of traditional mobile security tools. With the most complete living picture of mobile security around the world, we have the ability to contrast iOS and Android devices in high-risk zones, and extract unique insights about both the devices and their users’ behavior. See which insights may impact how you plan to stay safe when traveling to the world’s most magical destinations in our new infographic: 2015 Best & Worst WiFi Spots for Mobile Security.
Types of Attacks
The most frequent threat that we identified at the Top 15 Danger Destinations was a WiFi-based attack called SSL decryption, which allows cyber criminals to capture personal and work information (such as mobile banking logins/passwords and corporate credentials). SSL Stripping was the other common attack that allows attackers to downgrade HTTPS URLs to non-secure HTTP URLs. These attacks are generally hard for users to detect as the attackers keep them believing that her or his session is secure.
iOS vs. Android
In a separate analysis that reviewed worldwide Skycure Threat Intelligence data, researchers found that on average, mobile devices are more than 25 percent likely to expose personal and corporate data to a network attack on a monthly basis. The research also found that while iOS devices/users connect to many more WiFi network access points (probably because of automated hotspot connections, usability and being used more often in work environments than Android devices), Android devices/users connect to more malicious ones. This was a little surprising to us as well and we have a few theories on why that might be the case:
- User Behavior: Android users are generally more tech-savvy and their comfort level to connect to “never-seen-before” networks is a bit higher than iOS users.
- Data Plans: Android users tend to choose from a greater range of carrier plans that are more economical but may have smaller data limits. Not wanting to incur fees for going over their data plans, Android users may be more likely to voluntarily connect to “Free” WiFi hotspots.
Our study found that a massive 8% of the total reported threats originated from a WiFi network with “Free” in its name.
How We Collect Mobile Threat Intelligence
Our patent-pending Active Honeypot technology and crowd wisdom tools allow us to amass the most useful mobile cyber-threat data for analytics and pattern recognition. We conduct millions of network and application anomaly detection tests every month. It was this data lake of useful mobile threat intelligence that fueled our study—in addition to other data science from the Skycure Research Labs including location awareness. Travelers can check for the real-time status of mobile threats at the Top 15 Danger Destinations or any destination in the world at our website: https://maps.skycure.com.
Safety Tips for Travelers
Here are a few quick tips for mobile users traveling to high-risk destinations:
- Avoid “Free WiFi” networks.
- Update your device to the most current operating system.
- Read the warnings on your device and don’t click “Continue” if you don’t understand the exposure.
- Disconnect from the network if your phone behaves strangely (e.g. frequent crashes) or you receive a warning notification.
- Protect your device with a mobile security app like Skycure.